1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19#include <crypto/hash.h>
20#include <linux/string.h>
21#include <linux/kthread.h>
22#include <linux/completion.h>
23#include <linux/module.h>
24#include <linux/vmalloc.h>
25#include <linux/idr.h>
26#include <asm/unaligned.h>
27#include <scsi/scsi_proto.h>
28#include <scsi/iscsi_proto.h>
29#include <scsi/scsi_tcq.h>
30#include <target/target_core_base.h>
31#include <target/target_core_fabric.h>
32
33#include <target/iscsi/iscsi_target_core.h>
34#include "iscsi_target_parameters.h"
35#include "iscsi_target_seq_pdu_list.h"
36#include "iscsi_target_datain_values.h"
37#include "iscsi_target_erl0.h"
38#include "iscsi_target_erl1.h"
39#include "iscsi_target_erl2.h"
40#include "iscsi_target_login.h"
41#include "iscsi_target_tmr.h"
42#include "iscsi_target_tpg.h"
43#include "iscsi_target_util.h"
44#include "iscsi_target.h"
45#include "iscsi_target_device.h"
46#include <target/iscsi/iscsi_target_stat.h>
47
48#include <target/iscsi/iscsi_transport.h>
49
50static LIST_HEAD(g_tiqn_list);
51static LIST_HEAD(g_np_list);
52static DEFINE_SPINLOCK(tiqn_lock);
53static DEFINE_MUTEX(np_lock);
54
55static struct idr tiqn_idr;
56struct idr sess_idr;
57struct mutex auth_id_lock;
58spinlock_t sess_idr_lock;
59
60struct iscsit_global *iscsit_global;
61
62struct kmem_cache *lio_qr_cache;
63struct kmem_cache *lio_dr_cache;
64struct kmem_cache *lio_ooo_cache;
65struct kmem_cache *lio_r2t_cache;
66
67static int iscsit_handle_immediate_data(struct iscsi_cmd *,
68 struct iscsi_scsi_req *, u32);
69
70struct iscsi_tiqn *iscsit_get_tiqn_for_login(unsigned char *buf)
71{
72 struct iscsi_tiqn *tiqn = NULL;
73
74 spin_lock(&tiqn_lock);
75 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) {
76 if (!strcmp(tiqn->tiqn, buf)) {
77
78 spin_lock(&tiqn->tiqn_state_lock);
79 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) {
80 tiqn->tiqn_access_count++;
81 spin_unlock(&tiqn->tiqn_state_lock);
82 spin_unlock(&tiqn_lock);
83 return tiqn;
84 }
85 spin_unlock(&tiqn->tiqn_state_lock);
86 }
87 }
88 spin_unlock(&tiqn_lock);
89
90 return NULL;
91}
92
93static int iscsit_set_tiqn_shutdown(struct iscsi_tiqn *tiqn)
94{
95 spin_lock(&tiqn->tiqn_state_lock);
96 if (tiqn->tiqn_state == TIQN_STATE_ACTIVE) {
97 tiqn->tiqn_state = TIQN_STATE_SHUTDOWN;
98 spin_unlock(&tiqn->tiqn_state_lock);
99 return 0;
100 }
101 spin_unlock(&tiqn->tiqn_state_lock);
102
103 return -1;
104}
105
106void iscsit_put_tiqn_for_login(struct iscsi_tiqn *tiqn)
107{
108 spin_lock(&tiqn->tiqn_state_lock);
109 tiqn->tiqn_access_count--;
110 spin_unlock(&tiqn->tiqn_state_lock);
111}
112
113
114
115
116
117struct iscsi_tiqn *iscsit_add_tiqn(unsigned char *buf)
118{
119 struct iscsi_tiqn *tiqn = NULL;
120 int ret;
121
122 if (strlen(buf) >= ISCSI_IQN_LEN) {
123 pr_err("Target IQN exceeds %d bytes\n",
124 ISCSI_IQN_LEN);
125 return ERR_PTR(-EINVAL);
126 }
127
128 tiqn = kzalloc(sizeof(struct iscsi_tiqn), GFP_KERNEL);
129 if (!tiqn) {
130 pr_err("Unable to allocate struct iscsi_tiqn\n");
131 return ERR_PTR(-ENOMEM);
132 }
133
134 sprintf(tiqn->tiqn, "%s", buf);
135 INIT_LIST_HEAD(&tiqn->tiqn_list);
136 INIT_LIST_HEAD(&tiqn->tiqn_tpg_list);
137 spin_lock_init(&tiqn->tiqn_state_lock);
138 spin_lock_init(&tiqn->tiqn_tpg_lock);
139 spin_lock_init(&tiqn->sess_err_stats.lock);
140 spin_lock_init(&tiqn->login_stats.lock);
141 spin_lock_init(&tiqn->logout_stats.lock);
142
143 tiqn->tiqn_state = TIQN_STATE_ACTIVE;
144
145 idr_preload(GFP_KERNEL);
146 spin_lock(&tiqn_lock);
147
148 ret = idr_alloc(&tiqn_idr, NULL, 0, 0, GFP_NOWAIT);
149 if (ret < 0) {
150 pr_err("idr_alloc() failed for tiqn->tiqn_index\n");
151 spin_unlock(&tiqn_lock);
152 idr_preload_end();
153 kfree(tiqn);
154 return ERR_PTR(ret);
155 }
156 tiqn->tiqn_index = ret;
157 list_add_tail(&tiqn->tiqn_list, &g_tiqn_list);
158
159 spin_unlock(&tiqn_lock);
160 idr_preload_end();
161
162 pr_debug("CORE[0] - Added iSCSI Target IQN: %s\n", tiqn->tiqn);
163
164 return tiqn;
165
166}
167
168static void iscsit_wait_for_tiqn(struct iscsi_tiqn *tiqn)
169{
170
171
172
173 spin_lock(&tiqn->tiqn_state_lock);
174 while (tiqn->tiqn_access_count != 0) {
175 spin_unlock(&tiqn->tiqn_state_lock);
176 msleep(10);
177 spin_lock(&tiqn->tiqn_state_lock);
178 }
179 spin_unlock(&tiqn->tiqn_state_lock);
180}
181
182void iscsit_del_tiqn(struct iscsi_tiqn *tiqn)
183{
184
185
186
187
188
189
190 if (iscsit_set_tiqn_shutdown(tiqn) < 0) {
191 pr_err("iscsit_set_tiqn_shutdown() failed\n");
192 return;
193 }
194
195 iscsit_wait_for_tiqn(tiqn);
196
197 spin_lock(&tiqn_lock);
198 list_del(&tiqn->tiqn_list);
199 idr_remove(&tiqn_idr, tiqn->tiqn_index);
200 spin_unlock(&tiqn_lock);
201
202 pr_debug("CORE[0] - Deleted iSCSI Target IQN: %s\n",
203 tiqn->tiqn);
204 kfree(tiqn);
205}
206
207int iscsit_access_np(struct iscsi_np *np, struct iscsi_portal_group *tpg)
208{
209 int ret;
210
211
212
213 spin_lock_bh(&np->np_thread_lock);
214 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) {
215 spin_unlock_bh(&np->np_thread_lock);
216 return -1;
217 }
218 spin_unlock_bh(&np->np_thread_lock);
219
220
221
222 spin_lock_bh(&tpg->tpg_state_lock);
223 if (tpg->tpg_state != TPG_STATE_ACTIVE) {
224 spin_unlock_bh(&tpg->tpg_state_lock);
225 return -1;
226 }
227 spin_unlock_bh(&tpg->tpg_state_lock);
228
229
230
231
232 ret = down_interruptible(&tpg->np_login_sem);
233 if (ret != 0)
234 return -1;
235
236 spin_lock_bh(&tpg->tpg_state_lock);
237 if (tpg->tpg_state != TPG_STATE_ACTIVE) {
238 spin_unlock_bh(&tpg->tpg_state_lock);
239 up(&tpg->np_login_sem);
240 return -1;
241 }
242 spin_unlock_bh(&tpg->tpg_state_lock);
243
244 return 0;
245}
246
247void iscsit_login_kref_put(struct kref *kref)
248{
249 struct iscsi_tpg_np *tpg_np = container_of(kref,
250 struct iscsi_tpg_np, tpg_np_kref);
251
252 complete(&tpg_np->tpg_np_comp);
253}
254
255int iscsit_deaccess_np(struct iscsi_np *np, struct iscsi_portal_group *tpg,
256 struct iscsi_tpg_np *tpg_np)
257{
258 struct iscsi_tiqn *tiqn = tpg->tpg_tiqn;
259
260 up(&tpg->np_login_sem);
261
262 if (tpg_np)
263 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put);
264
265 if (tiqn)
266 iscsit_put_tiqn_for_login(tiqn);
267
268 return 0;
269}
270
271bool iscsit_check_np_match(
272 struct sockaddr_storage *sockaddr,
273 struct iscsi_np *np,
274 int network_transport)
275{
276 struct sockaddr_in *sock_in, *sock_in_e;
277 struct sockaddr_in6 *sock_in6, *sock_in6_e;
278 bool ip_match = false;
279 u16 port, port_e;
280
281 if (sockaddr->ss_family == AF_INET6) {
282 sock_in6 = (struct sockaddr_in6 *)sockaddr;
283 sock_in6_e = (struct sockaddr_in6 *)&np->np_sockaddr;
284
285 if (!memcmp(&sock_in6->sin6_addr.in6_u,
286 &sock_in6_e->sin6_addr.in6_u,
287 sizeof(struct in6_addr)))
288 ip_match = true;
289
290 port = ntohs(sock_in6->sin6_port);
291 port_e = ntohs(sock_in6_e->sin6_port);
292 } else {
293 sock_in = (struct sockaddr_in *)sockaddr;
294 sock_in_e = (struct sockaddr_in *)&np->np_sockaddr;
295
296 if (sock_in->sin_addr.s_addr == sock_in_e->sin_addr.s_addr)
297 ip_match = true;
298
299 port = ntohs(sock_in->sin_port);
300 port_e = ntohs(sock_in_e->sin_port);
301 }
302
303 if (ip_match && (port_e == port) &&
304 (np->np_network_transport == network_transport))
305 return true;
306
307 return false;
308}
309
310
311
312
313static struct iscsi_np *iscsit_get_np(
314 struct sockaddr_storage *sockaddr,
315 int network_transport)
316{
317 struct iscsi_np *np;
318 bool match;
319
320 list_for_each_entry(np, &g_np_list, np_list) {
321 spin_lock_bh(&np->np_thread_lock);
322 if (np->np_thread_state != ISCSI_NP_THREAD_ACTIVE) {
323 spin_unlock_bh(&np->np_thread_lock);
324 continue;
325 }
326
327 match = iscsit_check_np_match(sockaddr, np, network_transport);
328 if (match) {
329
330
331
332
333
334 np->np_exports++;
335 spin_unlock_bh(&np->np_thread_lock);
336 return np;
337 }
338 spin_unlock_bh(&np->np_thread_lock);
339 }
340
341 return NULL;
342}
343
344struct iscsi_np *iscsit_add_np(
345 struct sockaddr_storage *sockaddr,
346 int network_transport)
347{
348 struct iscsi_np *np;
349 int ret;
350
351 mutex_lock(&np_lock);
352
353
354
355
356 np = iscsit_get_np(sockaddr, network_transport);
357 if (np) {
358 mutex_unlock(&np_lock);
359 return np;
360 }
361
362 np = kzalloc(sizeof(struct iscsi_np), GFP_KERNEL);
363 if (!np) {
364 pr_err("Unable to allocate memory for struct iscsi_np\n");
365 mutex_unlock(&np_lock);
366 return ERR_PTR(-ENOMEM);
367 }
368
369 np->np_flags |= NPF_IP_NETWORK;
370 np->np_network_transport = network_transport;
371 spin_lock_init(&np->np_thread_lock);
372 init_completion(&np->np_restart_comp);
373 INIT_LIST_HEAD(&np->np_list);
374
375 ret = iscsi_target_setup_login_socket(np, sockaddr);
376 if (ret != 0) {
377 kfree(np);
378 mutex_unlock(&np_lock);
379 return ERR_PTR(ret);
380 }
381
382 np->np_thread = kthread_run(iscsi_target_login_thread, np, "iscsi_np");
383 if (IS_ERR(np->np_thread)) {
384 pr_err("Unable to create kthread: iscsi_np\n");
385 ret = PTR_ERR(np->np_thread);
386 kfree(np);
387 mutex_unlock(&np_lock);
388 return ERR_PTR(ret);
389 }
390
391
392
393
394
395
396
397 np->np_exports = 1;
398 np->np_thread_state = ISCSI_NP_THREAD_ACTIVE;
399
400 list_add_tail(&np->np_list, &g_np_list);
401 mutex_unlock(&np_lock);
402
403 pr_debug("CORE[0] - Added Network Portal: %pISpc on %s\n",
404 &np->np_sockaddr, np->np_transport->name);
405
406 return np;
407}
408
409int iscsit_reset_np_thread(
410 struct iscsi_np *np,
411 struct iscsi_tpg_np *tpg_np,
412 struct iscsi_portal_group *tpg,
413 bool shutdown)
414{
415 spin_lock_bh(&np->np_thread_lock);
416 if (np->np_thread_state == ISCSI_NP_THREAD_INACTIVE) {
417 spin_unlock_bh(&np->np_thread_lock);
418 return 0;
419 }
420 np->np_thread_state = ISCSI_NP_THREAD_RESET;
421
422 if (np->np_thread) {
423 spin_unlock_bh(&np->np_thread_lock);
424 send_sig(SIGINT, np->np_thread, 1);
425 wait_for_completion(&np->np_restart_comp);
426 spin_lock_bh(&np->np_thread_lock);
427 }
428 spin_unlock_bh(&np->np_thread_lock);
429
430 if (tpg_np && shutdown) {
431 kref_put(&tpg_np->tpg_np_kref, iscsit_login_kref_put);
432
433 wait_for_completion(&tpg_np->tpg_np_comp);
434 }
435
436 return 0;
437}
438
439static void iscsit_free_np(struct iscsi_np *np)
440{
441 if (np->np_socket)
442 sock_release(np->np_socket);
443}
444
445int iscsit_del_np(struct iscsi_np *np)
446{
447 spin_lock_bh(&np->np_thread_lock);
448 np->np_exports--;
449 if (np->np_exports) {
450 np->enabled = true;
451 spin_unlock_bh(&np->np_thread_lock);
452 return 0;
453 }
454 np->np_thread_state = ISCSI_NP_THREAD_SHUTDOWN;
455 spin_unlock_bh(&np->np_thread_lock);
456
457 if (np->np_thread) {
458
459
460
461
462 send_sig(SIGINT, np->np_thread, 1);
463 kthread_stop(np->np_thread);
464 np->np_thread = NULL;
465 }
466
467 np->np_transport->iscsit_free_np(np);
468
469 mutex_lock(&np_lock);
470 list_del(&np->np_list);
471 mutex_unlock(&np_lock);
472
473 pr_debug("CORE[0] - Removed Network Portal: %pISpc on %s\n",
474 &np->np_sockaddr, np->np_transport->name);
475
476 iscsit_put_transport(np->np_transport);
477 kfree(np);
478 return 0;
479}
480
481static void iscsit_get_rx_pdu(struct iscsi_conn *);
482
483int iscsit_queue_rsp(struct iscsi_conn *conn, struct iscsi_cmd *cmd)
484{
485 iscsit_add_cmd_to_response_queue(cmd, cmd->conn, cmd->i_state);
486 return 0;
487}
488EXPORT_SYMBOL(iscsit_queue_rsp);
489
490void iscsit_aborted_task(struct iscsi_conn *conn, struct iscsi_cmd *cmd)
491{
492 bool scsi_cmd = (cmd->iscsi_opcode == ISCSI_OP_SCSI_CMD);
493
494 spin_lock_bh(&conn->cmd_lock);
495 if (!list_empty(&cmd->i_conn_node) &&
496 !(cmd->se_cmd.transport_state & CMD_T_FABRIC_STOP))
497 list_del_init(&cmd->i_conn_node);
498 spin_unlock_bh(&conn->cmd_lock);
499
500 __iscsit_free_cmd(cmd, scsi_cmd, true);
501}
502EXPORT_SYMBOL(iscsit_aborted_task);
503
504static void iscsit_do_crypto_hash_buf(struct ahash_request *, const void *,
505 u32, u32, u8 *, u8 *);
506static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *);
507
508static int
509iscsit_xmit_nondatain_pdu(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
510 const void *data_buf, u32 data_buf_len)
511{
512 struct iscsi_hdr *hdr = (struct iscsi_hdr *)cmd->pdu;
513 struct kvec *iov;
514 u32 niov = 0, tx_size = ISCSI_HDR_LEN;
515 int ret;
516
517 iov = &cmd->iov_misc[0];
518 iov[niov].iov_base = cmd->pdu;
519 iov[niov++].iov_len = ISCSI_HDR_LEN;
520
521 if (conn->conn_ops->HeaderDigest) {
522 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
523
524 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, hdr,
525 ISCSI_HDR_LEN, 0, NULL,
526 (u8 *)header_digest);
527
528 iov[0].iov_len += ISCSI_CRC_LEN;
529 tx_size += ISCSI_CRC_LEN;
530 pr_debug("Attaching CRC32C HeaderDigest"
531 " to opcode 0x%x 0x%08x\n",
532 hdr->opcode, *header_digest);
533 }
534
535 if (data_buf_len) {
536 u32 padding = ((-data_buf_len) & 3);
537
538 iov[niov].iov_base = (void *)data_buf;
539 iov[niov++].iov_len = data_buf_len;
540 tx_size += data_buf_len;
541
542 if (padding != 0) {
543 iov[niov].iov_base = &cmd->pad_bytes;
544 iov[niov++].iov_len = padding;
545 tx_size += padding;
546 pr_debug("Attaching %u additional"
547 " padding bytes.\n", padding);
548 }
549
550 if (conn->conn_ops->DataDigest) {
551 iscsit_do_crypto_hash_buf(conn->conn_tx_hash,
552 data_buf, data_buf_len,
553 padding,
554 (u8 *)&cmd->pad_bytes,
555 (u8 *)&cmd->data_crc);
556
557 iov[niov].iov_base = &cmd->data_crc;
558 iov[niov++].iov_len = ISCSI_CRC_LEN;
559 tx_size += ISCSI_CRC_LEN;
560 pr_debug("Attached DataDigest for %u"
561 " bytes opcode 0x%x, CRC 0x%08x\n",
562 data_buf_len, hdr->opcode, cmd->data_crc);
563 }
564 }
565
566 cmd->iov_misc_count = niov;
567 cmd->tx_size = tx_size;
568
569 ret = iscsit_send_tx_data(cmd, conn, 1);
570 if (ret < 0) {
571 iscsit_tx_thread_wait_for_tcp(conn);
572 return ret;
573 }
574
575 return 0;
576}
577
578static int iscsit_map_iovec(struct iscsi_cmd *, struct kvec *, u32, u32);
579static void iscsit_unmap_iovec(struct iscsi_cmd *);
580static u32 iscsit_do_crypto_hash_sg(struct ahash_request *, struct iscsi_cmd *,
581 u32, u32, u32, u8 *);
582static int
583iscsit_xmit_datain_pdu(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
584 const struct iscsi_datain *datain)
585{
586 struct kvec *iov;
587 u32 iov_count = 0, tx_size = 0;
588 int ret, iov_ret;
589
590 iov = &cmd->iov_data[0];
591 iov[iov_count].iov_base = cmd->pdu;
592 iov[iov_count++].iov_len = ISCSI_HDR_LEN;
593 tx_size += ISCSI_HDR_LEN;
594
595 if (conn->conn_ops->HeaderDigest) {
596 u32 *header_digest = (u32 *)&cmd->pdu[ISCSI_HDR_LEN];
597
598 iscsit_do_crypto_hash_buf(conn->conn_tx_hash, cmd->pdu,
599 ISCSI_HDR_LEN, 0, NULL,
600 (u8 *)header_digest);
601
602 iov[0].iov_len += ISCSI_CRC_LEN;
603 tx_size += ISCSI_CRC_LEN;
604
605 pr_debug("Attaching CRC32 HeaderDigest for DataIN PDU 0x%08x\n",
606 *header_digest);
607 }
608
609 iov_ret = iscsit_map_iovec(cmd, &cmd->iov_data[1],
610 datain->offset, datain->length);
611 if (iov_ret < 0)
612 return -1;
613
614 iov_count += iov_ret;
615 tx_size += datain->length;
616
617 cmd->padding = ((-datain->length) & 3);
618 if (cmd->padding) {
619 iov[iov_count].iov_base = cmd->pad_bytes;
620 iov[iov_count++].iov_len = cmd->padding;
621 tx_size += cmd->padding;
622
623 pr_debug("Attaching %u padding bytes\n", cmd->padding);
624 }
625
626 if (conn->conn_ops->DataDigest) {
627 cmd->data_crc = iscsit_do_crypto_hash_sg(conn->conn_tx_hash,
628 cmd, datain->offset,
629 datain->length,
630 cmd->padding,
631 cmd->pad_bytes);
632
633 iov[iov_count].iov_base = &cmd->data_crc;
634 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
635 tx_size += ISCSI_CRC_LEN;
636
637 pr_debug("Attached CRC32C DataDigest %d bytes, crc 0x%08x\n",
638 datain->length + cmd->padding, cmd->data_crc);
639 }
640
641 cmd->iov_data_count = iov_count;
642 cmd->tx_size = tx_size;
643
644 ret = iscsit_fe_sendpage_sg(cmd, conn);
645
646 iscsit_unmap_iovec(cmd);
647
648 if (ret < 0) {
649 iscsit_tx_thread_wait_for_tcp(conn);
650 return ret;
651 }
652
653 return 0;
654}
655
656static int iscsit_xmit_pdu(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
657 struct iscsi_datain_req *dr, const void *buf,
658 u32 buf_len)
659{
660 if (dr)
661 return iscsit_xmit_datain_pdu(conn, cmd, buf);
662 else
663 return iscsit_xmit_nondatain_pdu(conn, cmd, buf, buf_len);
664}
665
666static enum target_prot_op iscsit_get_sup_prot_ops(struct iscsi_conn *conn)
667{
668 return TARGET_PROT_NORMAL;
669}
670
671static struct iscsit_transport iscsi_target_transport = {
672 .name = "iSCSI/TCP",
673 .transport_type = ISCSI_TCP,
674 .rdma_shutdown = false,
675 .owner = NULL,
676 .iscsit_setup_np = iscsit_setup_np,
677 .iscsit_accept_np = iscsit_accept_np,
678 .iscsit_free_np = iscsit_free_np,
679 .iscsit_get_login_rx = iscsit_get_login_rx,
680 .iscsit_put_login_tx = iscsit_put_login_tx,
681 .iscsit_get_dataout = iscsit_build_r2ts_for_cmd,
682 .iscsit_immediate_queue = iscsit_immediate_queue,
683 .iscsit_response_queue = iscsit_response_queue,
684 .iscsit_queue_data_in = iscsit_queue_rsp,
685 .iscsit_queue_status = iscsit_queue_rsp,
686 .iscsit_aborted_task = iscsit_aborted_task,
687 .iscsit_xmit_pdu = iscsit_xmit_pdu,
688 .iscsit_get_rx_pdu = iscsit_get_rx_pdu,
689 .iscsit_get_sup_prot_ops = iscsit_get_sup_prot_ops,
690};
691
692static int __init iscsi_target_init_module(void)
693{
694 int ret = 0, size;
695
696 pr_debug("iSCSI-Target "ISCSIT_VERSION"\n");
697
698 iscsit_global = kzalloc(sizeof(struct iscsit_global), GFP_KERNEL);
699 if (!iscsit_global) {
700 pr_err("Unable to allocate memory for iscsit_global\n");
701 return -1;
702 }
703 spin_lock_init(&iscsit_global->ts_bitmap_lock);
704 mutex_init(&auth_id_lock);
705 spin_lock_init(&sess_idr_lock);
706 idr_init(&tiqn_idr);
707 idr_init(&sess_idr);
708
709 ret = target_register_template(&iscsi_ops);
710 if (ret)
711 goto out;
712
713 size = BITS_TO_LONGS(ISCSIT_BITMAP_BITS) * sizeof(long);
714 iscsit_global->ts_bitmap = vzalloc(size);
715 if (!iscsit_global->ts_bitmap) {
716 pr_err("Unable to allocate iscsit_global->ts_bitmap\n");
717 goto configfs_out;
718 }
719
720 lio_qr_cache = kmem_cache_create("lio_qr_cache",
721 sizeof(struct iscsi_queue_req),
722 __alignof__(struct iscsi_queue_req), 0, NULL);
723 if (!lio_qr_cache) {
724 pr_err("nable to kmem_cache_create() for"
725 " lio_qr_cache\n");
726 goto bitmap_out;
727 }
728
729 lio_dr_cache = kmem_cache_create("lio_dr_cache",
730 sizeof(struct iscsi_datain_req),
731 __alignof__(struct iscsi_datain_req), 0, NULL);
732 if (!lio_dr_cache) {
733 pr_err("Unable to kmem_cache_create() for"
734 " lio_dr_cache\n");
735 goto qr_out;
736 }
737
738 lio_ooo_cache = kmem_cache_create("lio_ooo_cache",
739 sizeof(struct iscsi_ooo_cmdsn),
740 __alignof__(struct iscsi_ooo_cmdsn), 0, NULL);
741 if (!lio_ooo_cache) {
742 pr_err("Unable to kmem_cache_create() for"
743 " lio_ooo_cache\n");
744 goto dr_out;
745 }
746
747 lio_r2t_cache = kmem_cache_create("lio_r2t_cache",
748 sizeof(struct iscsi_r2t), __alignof__(struct iscsi_r2t),
749 0, NULL);
750 if (!lio_r2t_cache) {
751 pr_err("Unable to kmem_cache_create() for"
752 " lio_r2t_cache\n");
753 goto ooo_out;
754 }
755
756 iscsit_register_transport(&iscsi_target_transport);
757
758 if (iscsit_load_discovery_tpg() < 0)
759 goto r2t_out;
760
761 return ret;
762r2t_out:
763 iscsit_unregister_transport(&iscsi_target_transport);
764 kmem_cache_destroy(lio_r2t_cache);
765ooo_out:
766 kmem_cache_destroy(lio_ooo_cache);
767dr_out:
768 kmem_cache_destroy(lio_dr_cache);
769qr_out:
770 kmem_cache_destroy(lio_qr_cache);
771bitmap_out:
772 vfree(iscsit_global->ts_bitmap);
773configfs_out:
774
775 if (iscsit_global->discovery_tpg)
776 iscsit_tpg_disable_portal_group(iscsit_global->discovery_tpg, 1);
777 target_unregister_template(&iscsi_ops);
778out:
779 kfree(iscsit_global);
780 return -ENOMEM;
781}
782
783static void __exit iscsi_target_cleanup_module(void)
784{
785 iscsit_release_discovery_tpg();
786 iscsit_unregister_transport(&iscsi_target_transport);
787 kmem_cache_destroy(lio_qr_cache);
788 kmem_cache_destroy(lio_dr_cache);
789 kmem_cache_destroy(lio_ooo_cache);
790 kmem_cache_destroy(lio_r2t_cache);
791
792
793
794
795 if (iscsit_global->discovery_tpg)
796 iscsit_tpg_disable_portal_group(iscsit_global->discovery_tpg, 1);
797
798 target_unregister_template(&iscsi_ops);
799
800 vfree(iscsit_global->ts_bitmap);
801 kfree(iscsit_global);
802}
803
804int iscsit_add_reject(
805 struct iscsi_conn *conn,
806 u8 reason,
807 unsigned char *buf)
808{
809 struct iscsi_cmd *cmd;
810
811 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE);
812 if (!cmd)
813 return -1;
814
815 cmd->iscsi_opcode = ISCSI_OP_REJECT;
816 cmd->reject_reason = reason;
817
818 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL);
819 if (!cmd->buf_ptr) {
820 pr_err("Unable to allocate memory for cmd->buf_ptr\n");
821 iscsit_free_cmd(cmd, false);
822 return -1;
823 }
824
825 spin_lock_bh(&conn->cmd_lock);
826 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
827 spin_unlock_bh(&conn->cmd_lock);
828
829 cmd->i_state = ISTATE_SEND_REJECT;
830 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
831
832 return -1;
833}
834EXPORT_SYMBOL(iscsit_add_reject);
835
836static int iscsit_add_reject_from_cmd(
837 struct iscsi_cmd *cmd,
838 u8 reason,
839 bool add_to_conn,
840 unsigned char *buf)
841{
842 struct iscsi_conn *conn;
843
844 if (!cmd->conn) {
845 pr_err("cmd->conn is NULL for ITT: 0x%08x\n",
846 cmd->init_task_tag);
847 return -1;
848 }
849 conn = cmd->conn;
850
851 cmd->iscsi_opcode = ISCSI_OP_REJECT;
852 cmd->reject_reason = reason;
853
854 cmd->buf_ptr = kmemdup(buf, ISCSI_HDR_LEN, GFP_KERNEL);
855 if (!cmd->buf_ptr) {
856 pr_err("Unable to allocate memory for cmd->buf_ptr\n");
857 iscsit_free_cmd(cmd, false);
858 return -1;
859 }
860
861 if (add_to_conn) {
862 spin_lock_bh(&conn->cmd_lock);
863 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
864 spin_unlock_bh(&conn->cmd_lock);
865 }
866
867 cmd->i_state = ISTATE_SEND_REJECT;
868 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
869
870
871
872
873 if (cmd->se_cmd.se_tfo != NULL) {
874 pr_debug("iscsi reject: calling target_put_sess_cmd >>>>>>\n");
875 target_put_sess_cmd(&cmd->se_cmd);
876 }
877 return -1;
878}
879
880static int iscsit_add_reject_cmd(struct iscsi_cmd *cmd, u8 reason,
881 unsigned char *buf)
882{
883 return iscsit_add_reject_from_cmd(cmd, reason, true, buf);
884}
885
886int iscsit_reject_cmd(struct iscsi_cmd *cmd, u8 reason, unsigned char *buf)
887{
888 return iscsit_add_reject_from_cmd(cmd, reason, false, buf);
889}
890EXPORT_SYMBOL(iscsit_reject_cmd);
891
892
893
894
895
896static int iscsit_map_iovec(
897 struct iscsi_cmd *cmd,
898 struct kvec *iov,
899 u32 data_offset,
900 u32 data_length)
901{
902 u32 i = 0;
903 struct scatterlist *sg;
904 unsigned int page_off;
905
906
907
908
909 u32 ent = data_offset / PAGE_SIZE;
910
911 if (ent >= cmd->se_cmd.t_data_nents) {
912 pr_err("Initial page entry out-of-bounds\n");
913 return -1;
914 }
915
916 sg = &cmd->se_cmd.t_data_sg[ent];
917 page_off = (data_offset % PAGE_SIZE);
918
919 cmd->first_data_sg = sg;
920 cmd->first_data_sg_off = page_off;
921
922 while (data_length) {
923 u32 cur_len = min_t(u32, data_length, sg->length - page_off);
924
925 iov[i].iov_base = kmap(sg_page(sg)) + sg->offset + page_off;
926 iov[i].iov_len = cur_len;
927
928 data_length -= cur_len;
929 page_off = 0;
930 sg = sg_next(sg);
931 i++;
932 }
933
934 cmd->kmapped_nents = i;
935
936 return i;
937}
938
939static void iscsit_unmap_iovec(struct iscsi_cmd *cmd)
940{
941 u32 i;
942 struct scatterlist *sg;
943
944 sg = cmd->first_data_sg;
945
946 for (i = 0; i < cmd->kmapped_nents; i++)
947 kunmap(sg_page(&sg[i]));
948}
949
950static void iscsit_ack_from_expstatsn(struct iscsi_conn *conn, u32 exp_statsn)
951{
952 LIST_HEAD(ack_list);
953 struct iscsi_cmd *cmd, *cmd_p;
954
955 conn->exp_statsn = exp_statsn;
956
957 if (conn->sess->sess_ops->RDMAExtensions)
958 return;
959
960 spin_lock_bh(&conn->cmd_lock);
961 list_for_each_entry_safe(cmd, cmd_p, &conn->conn_cmd_list, i_conn_node) {
962 spin_lock(&cmd->istate_lock);
963 if ((cmd->i_state == ISTATE_SENT_STATUS) &&
964 iscsi_sna_lt(cmd->stat_sn, exp_statsn)) {
965 cmd->i_state = ISTATE_REMOVE;
966 spin_unlock(&cmd->istate_lock);
967 list_move_tail(&cmd->i_conn_node, &ack_list);
968 continue;
969 }
970 spin_unlock(&cmd->istate_lock);
971 }
972 spin_unlock_bh(&conn->cmd_lock);
973
974 list_for_each_entry_safe(cmd, cmd_p, &ack_list, i_conn_node) {
975 list_del_init(&cmd->i_conn_node);
976 iscsit_free_cmd(cmd, false);
977 }
978}
979
980static int iscsit_allocate_iovecs(struct iscsi_cmd *cmd)
981{
982 u32 iov_count = max(1UL, DIV_ROUND_UP(cmd->se_cmd.data_length, PAGE_SIZE));
983
984 iov_count += ISCSI_IOV_DATA_BUFFER;
985
986 cmd->iov_data = kzalloc(iov_count * sizeof(struct kvec), GFP_KERNEL);
987 if (!cmd->iov_data) {
988 pr_err("Unable to allocate cmd->iov_data\n");
989 return -ENOMEM;
990 }
991
992 cmd->orig_iov_data_count = iov_count;
993 return 0;
994}
995
996int iscsit_setup_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
997 unsigned char *buf)
998{
999 int data_direction, payload_length;
1000 struct iscsi_scsi_req *hdr;
1001 int iscsi_task_attr;
1002 int sam_task_attr;
1003
1004 atomic_long_inc(&conn->sess->cmd_pdus);
1005
1006 hdr = (struct iscsi_scsi_req *) buf;
1007 payload_length = ntoh24(hdr->dlength);
1008
1009
1010
1011 if (!(hdr->flags & ISCSI_FLAG_CMD_WRITE) &&
1012 !(hdr->flags & ISCSI_FLAG_CMD_FINAL)) {
1013 pr_err("ISCSI_FLAG_CMD_WRITE & ISCSI_FLAG_CMD_FINAL"
1014 " not set. Bad iSCSI Initiator.\n");
1015 return iscsit_add_reject_cmd(cmd,
1016 ISCSI_REASON_BOOKMARK_INVALID, buf);
1017 }
1018
1019 if (((hdr->flags & ISCSI_FLAG_CMD_READ) ||
1020 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) && !hdr->data_length) {
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031 hdr->flags &= ~ISCSI_FLAG_CMD_READ;
1032 hdr->flags &= ~ISCSI_FLAG_CMD_WRITE;
1033
1034 pr_warn("ISCSI_FLAG_CMD_READ or ISCSI_FLAG_CMD_WRITE"
1035 " set when Expected Data Transfer Length is 0 for"
1036 " CDB: 0x%02x, Fixing up flags\n", hdr->cdb[0]);
1037 }
1038
1039 if (!(hdr->flags & ISCSI_FLAG_CMD_READ) &&
1040 !(hdr->flags & ISCSI_FLAG_CMD_WRITE) && (hdr->data_length != 0)) {
1041 pr_err("ISCSI_FLAG_CMD_READ and/or ISCSI_FLAG_CMD_WRITE"
1042 " MUST be set if Expected Data Transfer Length is not 0."
1043 " Bad iSCSI Initiator\n");
1044 return iscsit_add_reject_cmd(cmd,
1045 ISCSI_REASON_BOOKMARK_INVALID, buf);
1046 }
1047
1048 if ((hdr->flags & ISCSI_FLAG_CMD_READ) &&
1049 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) {
1050 pr_err("Bidirectional operations not supported!\n");
1051 return iscsit_add_reject_cmd(cmd,
1052 ISCSI_REASON_BOOKMARK_INVALID, buf);
1053 }
1054
1055 if (hdr->opcode & ISCSI_OP_IMMEDIATE) {
1056 pr_err("Illegally set Immediate Bit in iSCSI Initiator"
1057 " Scsi Command PDU.\n");
1058 return iscsit_add_reject_cmd(cmd,
1059 ISCSI_REASON_BOOKMARK_INVALID, buf);
1060 }
1061
1062 if (payload_length && !conn->sess->sess_ops->ImmediateData) {
1063 pr_err("ImmediateData=No but DataSegmentLength=%u,"
1064 " protocol error.\n", payload_length);
1065 return iscsit_add_reject_cmd(cmd,
1066 ISCSI_REASON_PROTOCOL_ERROR, buf);
1067 }
1068
1069 if ((be32_to_cpu(hdr->data_length) == payload_length) &&
1070 (!(hdr->flags & ISCSI_FLAG_CMD_FINAL))) {
1071 pr_err("Expected Data Transfer Length and Length of"
1072 " Immediate Data are the same, but ISCSI_FLAG_CMD_FINAL"
1073 " bit is not set protocol error\n");
1074 return iscsit_add_reject_cmd(cmd,
1075 ISCSI_REASON_PROTOCOL_ERROR, buf);
1076 }
1077
1078 if (payload_length > be32_to_cpu(hdr->data_length)) {
1079 pr_err("DataSegmentLength: %u is greater than"
1080 " EDTL: %u, protocol error.\n", payload_length,
1081 hdr->data_length);
1082 return iscsit_add_reject_cmd(cmd,
1083 ISCSI_REASON_PROTOCOL_ERROR, buf);
1084 }
1085
1086 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) {
1087 pr_err("DataSegmentLength: %u is greater than"
1088 " MaxXmitDataSegmentLength: %u, protocol error.\n",
1089 payload_length, conn->conn_ops->MaxXmitDataSegmentLength);
1090 return iscsit_add_reject_cmd(cmd,
1091 ISCSI_REASON_PROTOCOL_ERROR, buf);
1092 }
1093
1094 if (payload_length > conn->sess->sess_ops->FirstBurstLength) {
1095 pr_err("DataSegmentLength: %u is greater than"
1096 " FirstBurstLength: %u, protocol error.\n",
1097 payload_length, conn->sess->sess_ops->FirstBurstLength);
1098 return iscsit_add_reject_cmd(cmd,
1099 ISCSI_REASON_BOOKMARK_INVALID, buf);
1100 }
1101
1102 data_direction = (hdr->flags & ISCSI_FLAG_CMD_WRITE) ? DMA_TO_DEVICE :
1103 (hdr->flags & ISCSI_FLAG_CMD_READ) ? DMA_FROM_DEVICE :
1104 DMA_NONE;
1105
1106 cmd->data_direction = data_direction;
1107 iscsi_task_attr = hdr->flags & ISCSI_FLAG_CMD_ATTR_MASK;
1108
1109
1110
1111 if ((iscsi_task_attr == ISCSI_ATTR_UNTAGGED) ||
1112 (iscsi_task_attr == ISCSI_ATTR_SIMPLE))
1113 sam_task_attr = TCM_SIMPLE_TAG;
1114 else if (iscsi_task_attr == ISCSI_ATTR_ORDERED)
1115 sam_task_attr = TCM_ORDERED_TAG;
1116 else if (iscsi_task_attr == ISCSI_ATTR_HEAD_OF_QUEUE)
1117 sam_task_attr = TCM_HEAD_TAG;
1118 else if (iscsi_task_attr == ISCSI_ATTR_ACA)
1119 sam_task_attr = TCM_ACA_TAG;
1120 else {
1121 pr_debug("Unknown iSCSI Task Attribute: 0x%02x, using"
1122 " TCM_SIMPLE_TAG\n", iscsi_task_attr);
1123 sam_task_attr = TCM_SIMPLE_TAG;
1124 }
1125
1126 cmd->iscsi_opcode = ISCSI_OP_SCSI_CMD;
1127 cmd->i_state = ISTATE_NEW_CMD;
1128 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0);
1129 cmd->immediate_data = (payload_length) ? 1 : 0;
1130 cmd->unsolicited_data = ((!(hdr->flags & ISCSI_FLAG_CMD_FINAL) &&
1131 (hdr->flags & ISCSI_FLAG_CMD_WRITE)) ? 1 : 0);
1132 if (cmd->unsolicited_data)
1133 cmd->cmd_flags |= ICF_NON_IMMEDIATE_UNSOLICITED_DATA;
1134
1135 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt;
1136 if (hdr->flags & ISCSI_FLAG_CMD_READ)
1137 cmd->targ_xfer_tag = session_get_next_ttt(conn->sess);
1138 else
1139 cmd->targ_xfer_tag = 0xFFFFFFFF;
1140 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
1141 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
1142 cmd->first_burst_len = payload_length;
1143
1144 if (!conn->sess->sess_ops->RDMAExtensions &&
1145 cmd->data_direction == DMA_FROM_DEVICE) {
1146 struct iscsi_datain_req *dr;
1147
1148 dr = iscsit_allocate_datain_req();
1149 if (!dr)
1150 return iscsit_add_reject_cmd(cmd,
1151 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf);
1152
1153 iscsit_attach_datain_req(cmd, dr);
1154 }
1155
1156
1157
1158
1159 transport_init_se_cmd(&cmd->se_cmd, &iscsi_ops,
1160 conn->sess->se_sess, be32_to_cpu(hdr->data_length),
1161 cmd->data_direction, sam_task_attr,
1162 cmd->sense_buffer + 2);
1163
1164 pr_debug("Got SCSI Command, ITT: 0x%08x, CmdSN: 0x%08x,"
1165 " ExpXferLen: %u, Length: %u, CID: %hu\n", hdr->itt,
1166 hdr->cmdsn, be32_to_cpu(hdr->data_length), payload_length,
1167 conn->cid);
1168
1169 target_get_sess_cmd(&cmd->se_cmd, true);
1170
1171 cmd->sense_reason = transport_lookup_cmd_lun(&cmd->se_cmd,
1172 scsilun_to_int(&hdr->lun));
1173 if (cmd->sense_reason)
1174 goto attach_cmd;
1175
1176
1177 cmd->se_cmd.tag = (__force u32)cmd->init_task_tag;
1178 cmd->sense_reason = target_setup_cmd_from_cdb(&cmd->se_cmd, hdr->cdb);
1179 if (cmd->sense_reason) {
1180 if (cmd->sense_reason == TCM_OUT_OF_RESOURCES) {
1181 return iscsit_add_reject_cmd(cmd,
1182 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf);
1183 }
1184
1185 goto attach_cmd;
1186 }
1187
1188 if (iscsit_build_pdu_and_seq_lists(cmd, payload_length) < 0) {
1189 return iscsit_add_reject_cmd(cmd,
1190 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf);
1191 }
1192
1193attach_cmd:
1194 spin_lock_bh(&conn->cmd_lock);
1195 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
1196 spin_unlock_bh(&conn->cmd_lock);
1197
1198
1199
1200
1201 core_alua_check_nonop_delay(&cmd->se_cmd);
1202
1203 return 0;
1204}
1205EXPORT_SYMBOL(iscsit_setup_scsi_cmd);
1206
1207void iscsit_set_unsoliticed_dataout(struct iscsi_cmd *cmd)
1208{
1209 iscsit_set_dataout_sequence_values(cmd);
1210
1211 spin_lock_bh(&cmd->dataout_timeout_lock);
1212 iscsit_start_dataout_timer(cmd, cmd->conn);
1213 spin_unlock_bh(&cmd->dataout_timeout_lock);
1214}
1215EXPORT_SYMBOL(iscsit_set_unsoliticed_dataout);
1216
1217int iscsit_process_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
1218 struct iscsi_scsi_req *hdr)
1219{
1220 int cmdsn_ret = 0;
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231 if (!cmd->immediate_data) {
1232 cmdsn_ret = iscsit_sequence_cmd(conn, cmd,
1233 (unsigned char *)hdr, hdr->cmdsn);
1234 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
1235 return -1;
1236 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP) {
1237 target_put_sess_cmd(&cmd->se_cmd);
1238 return 0;
1239 }
1240 }
1241
1242 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
1243
1244
1245
1246
1247 if (!cmd->immediate_data) {
1248 if (!cmd->sense_reason && cmd->unsolicited_data)
1249 iscsit_set_unsoliticed_dataout(cmd);
1250 if (!cmd->sense_reason)
1251 return 0;
1252
1253 target_put_sess_cmd(&cmd->se_cmd);
1254 return 0;
1255 }
1256
1257
1258
1259
1260
1261
1262 if (cmd->sense_reason) {
1263 if (cmd->reject_reason)
1264 return 0;
1265
1266 return 1;
1267 }
1268
1269
1270
1271
1272 cmd->sense_reason = transport_generic_new_cmd(&cmd->se_cmd);
1273 if (cmd->sense_reason)
1274 return 1;
1275
1276 return 0;
1277}
1278EXPORT_SYMBOL(iscsit_process_scsi_cmd);
1279
1280static int
1281iscsit_get_immediate_data(struct iscsi_cmd *cmd, struct iscsi_scsi_req *hdr,
1282 bool dump_payload)
1283{
1284 int cmdsn_ret = 0, immed_ret = IMMEDIATE_DATA_NORMAL_OPERATION;
1285
1286
1287
1288 if (dump_payload)
1289 goto after_immediate_data;
1290
1291 immed_ret = iscsit_handle_immediate_data(cmd, hdr,
1292 cmd->first_burst_len);
1293after_immediate_data:
1294 if (immed_ret == IMMEDIATE_DATA_NORMAL_OPERATION) {
1295
1296
1297
1298
1299
1300 cmdsn_ret = iscsit_sequence_cmd(cmd->conn, cmd,
1301 (unsigned char *)hdr, hdr->cmdsn);
1302 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
1303 return -1;
1304
1305 if (cmd->sense_reason || cmdsn_ret == CMDSN_LOWER_THAN_EXP) {
1306 int rc;
1307
1308 rc = iscsit_dump_data_payload(cmd->conn,
1309 cmd->first_burst_len, 1);
1310 target_put_sess_cmd(&cmd->se_cmd);
1311 return rc;
1312 } else if (cmd->unsolicited_data)
1313 iscsit_set_unsoliticed_dataout(cmd);
1314
1315 } else if (immed_ret == IMMEDIATE_DATA_ERL1_CRC_FAILURE) {
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327 cmd->i_state = ISTATE_REMOVE;
1328 iscsit_add_cmd_to_immediate_queue(cmd, cmd->conn, cmd->i_state);
1329 } else
1330 return -1;
1331
1332 return 0;
1333}
1334
1335static int
1336iscsit_handle_scsi_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
1337 unsigned char *buf)
1338{
1339 struct iscsi_scsi_req *hdr = (struct iscsi_scsi_req *)buf;
1340 int rc, immed_data;
1341 bool dump_payload = false;
1342
1343 rc = iscsit_setup_scsi_cmd(conn, cmd, buf);
1344 if (rc < 0)
1345 return 0;
1346
1347
1348
1349
1350 if (iscsit_allocate_iovecs(cmd) < 0) {
1351 return iscsit_reject_cmd(cmd,
1352 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf);
1353 }
1354 immed_data = cmd->immediate_data;
1355
1356 rc = iscsit_process_scsi_cmd(conn, cmd, hdr);
1357 if (rc < 0)
1358 return rc;
1359 else if (rc > 0)
1360 dump_payload = true;
1361
1362 if (!immed_data)
1363 return 0;
1364
1365 return iscsit_get_immediate_data(cmd, hdr, dump_payload);
1366}
1367
1368static u32 iscsit_do_crypto_hash_sg(
1369 struct ahash_request *hash,
1370 struct iscsi_cmd *cmd,
1371 u32 data_offset,
1372 u32 data_length,
1373 u32 padding,
1374 u8 *pad_bytes)
1375{
1376 u32 data_crc;
1377 struct scatterlist *sg;
1378 unsigned int page_off;
1379
1380 crypto_ahash_init(hash);
1381
1382 sg = cmd->first_data_sg;
1383 page_off = cmd->first_data_sg_off;
1384
1385 while (data_length) {
1386 u32 cur_len = min_t(u32, data_length, (sg->length - page_off));
1387
1388 ahash_request_set_crypt(hash, sg, NULL, cur_len);
1389 crypto_ahash_update(hash);
1390
1391 data_length -= cur_len;
1392 page_off = 0;
1393
1394 sg = sg_next(sg);
1395 }
1396
1397 if (padding) {
1398 struct scatterlist pad_sg;
1399
1400 sg_init_one(&pad_sg, pad_bytes, padding);
1401 ahash_request_set_crypt(hash, &pad_sg, (u8 *)&data_crc,
1402 padding);
1403 crypto_ahash_finup(hash);
1404 } else {
1405 ahash_request_set_crypt(hash, NULL, (u8 *)&data_crc, 0);
1406 crypto_ahash_final(hash);
1407 }
1408
1409 return data_crc;
1410}
1411
1412static void iscsit_do_crypto_hash_buf(
1413 struct ahash_request *hash,
1414 const void *buf,
1415 u32 payload_length,
1416 u32 padding,
1417 u8 *pad_bytes,
1418 u8 *data_crc)
1419{
1420 struct scatterlist sg[2];
1421
1422 sg_init_table(sg, ARRAY_SIZE(sg));
1423 sg_set_buf(sg, buf, payload_length);
1424 sg_set_buf(sg + 1, pad_bytes, padding);
1425
1426 ahash_request_set_crypt(hash, sg, data_crc, payload_length + padding);
1427
1428 crypto_ahash_digest(hash);
1429}
1430
1431int
1432iscsit_check_dataout_hdr(struct iscsi_conn *conn, unsigned char *buf,
1433 struct iscsi_cmd **out_cmd)
1434{
1435 struct iscsi_data *hdr = (struct iscsi_data *)buf;
1436 struct iscsi_cmd *cmd = NULL;
1437 struct se_cmd *se_cmd;
1438 u32 payload_length = ntoh24(hdr->dlength);
1439 int rc;
1440
1441 if (!payload_length) {
1442 pr_warn("DataOUT payload is ZERO, ignoring.\n");
1443 return 0;
1444 }
1445
1446
1447 atomic_long_add(payload_length, &conn->sess->rx_data_octets);
1448
1449 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) {
1450 pr_err("DataSegmentLength: %u is greater than"
1451 " MaxXmitDataSegmentLength: %u\n", payload_length,
1452 conn->conn_ops->MaxXmitDataSegmentLength);
1453 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
1454 buf);
1455 }
1456
1457 cmd = iscsit_find_cmd_from_itt_or_dump(conn, hdr->itt,
1458 payload_length);
1459 if (!cmd)
1460 return 0;
1461
1462 pr_debug("Got DataOut ITT: 0x%08x, TTT: 0x%08x,"
1463 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n",
1464 hdr->itt, hdr->ttt, hdr->datasn, ntohl(hdr->offset),
1465 payload_length, conn->cid);
1466
1467 if (cmd->cmd_flags & ICF_GOT_LAST_DATAOUT) {
1468 pr_err("Command ITT: 0x%08x received DataOUT after"
1469 " last DataOUT received, dumping payload\n",
1470 cmd->init_task_tag);
1471 return iscsit_dump_data_payload(conn, payload_length, 1);
1472 }
1473
1474 if (cmd->data_direction != DMA_TO_DEVICE) {
1475 pr_err("Command ITT: 0x%08x received DataOUT for a"
1476 " NON-WRITE command.\n", cmd->init_task_tag);
1477 return iscsit_dump_data_payload(conn, payload_length, 1);
1478 }
1479 se_cmd = &cmd->se_cmd;
1480 iscsit_mod_dataout_timer(cmd);
1481
1482 if ((be32_to_cpu(hdr->offset) + payload_length) > cmd->se_cmd.data_length) {
1483 pr_err("DataOut Offset: %u, Length %u greater than"
1484 " iSCSI Command EDTL %u, protocol error.\n",
1485 hdr->offset, payload_length, cmd->se_cmd.data_length);
1486 return iscsit_reject_cmd(cmd, ISCSI_REASON_BOOKMARK_INVALID, buf);
1487 }
1488
1489 if (cmd->unsolicited_data) {
1490 int dump_unsolicited_data = 0;
1491
1492 if (conn->sess->sess_ops->InitialR2T) {
1493 pr_err("Received unexpected unsolicited data"
1494 " while InitialR2T=Yes, protocol error.\n");
1495 transport_send_check_condition_and_sense(&cmd->se_cmd,
1496 TCM_UNEXPECTED_UNSOLICITED_DATA, 0);
1497 return -1;
1498 }
1499
1500
1501
1502
1503
1504
1505
1506 WARN_ON(se_cmd->t_state != TRANSPORT_WRITE_PENDING);
1507 if (!(se_cmd->se_cmd_flags & SCF_SUPPORTED_SAM_OPCODE))
1508 dump_unsolicited_data = 1;
1509
1510 if (dump_unsolicited_data) {
1511
1512
1513
1514
1515
1516 if (hdr->flags & ISCSI_FLAG_CMD_FINAL)
1517 iscsit_stop_dataout_timer(cmd);
1518
1519 transport_check_aborted_status(se_cmd,
1520 (hdr->flags & ISCSI_FLAG_CMD_FINAL));
1521 return iscsit_dump_data_payload(conn, payload_length, 1);
1522 }
1523 } else {
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534 if (se_cmd->transport_state & CMD_T_ABORTED) {
1535 if (hdr->flags & ISCSI_FLAG_CMD_FINAL)
1536 if (--cmd->outstanding_r2ts < 1) {
1537 iscsit_stop_dataout_timer(cmd);
1538 transport_check_aborted_status(
1539 se_cmd, 1);
1540 }
1541
1542 return iscsit_dump_data_payload(conn, payload_length, 1);
1543 }
1544 }
1545
1546
1547
1548
1549 rc = iscsit_check_pre_dataout(cmd, buf);
1550 if (rc == DATAOUT_WITHIN_COMMAND_RECOVERY)
1551 return 0;
1552 else if (rc == DATAOUT_CANNOT_RECOVER)
1553 return -1;
1554
1555 *out_cmd = cmd;
1556 return 0;
1557}
1558EXPORT_SYMBOL(iscsit_check_dataout_hdr);
1559
1560static int
1561iscsit_get_dataout(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
1562 struct iscsi_data *hdr)
1563{
1564 struct kvec *iov;
1565 u32 checksum, iov_count = 0, padding = 0, rx_got = 0, rx_size = 0;
1566 u32 payload_length = ntoh24(hdr->dlength);
1567 int iov_ret, data_crc_failed = 0;
1568
1569 rx_size += payload_length;
1570 iov = &cmd->iov_data[0];
1571
1572 iov_ret = iscsit_map_iovec(cmd, iov, be32_to_cpu(hdr->offset),
1573 payload_length);
1574 if (iov_ret < 0)
1575 return -1;
1576
1577 iov_count += iov_ret;
1578
1579 padding = ((-payload_length) & 3);
1580 if (padding != 0) {
1581 iov[iov_count].iov_base = cmd->pad_bytes;
1582 iov[iov_count++].iov_len = padding;
1583 rx_size += padding;
1584 pr_debug("Receiving %u padding bytes.\n", padding);
1585 }
1586
1587 if (conn->conn_ops->DataDigest) {
1588 iov[iov_count].iov_base = &checksum;
1589 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
1590 rx_size += ISCSI_CRC_LEN;
1591 }
1592
1593 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size);
1594
1595 iscsit_unmap_iovec(cmd);
1596
1597 if (rx_got != rx_size)
1598 return -1;
1599
1600 if (conn->conn_ops->DataDigest) {
1601 u32 data_crc;
1602
1603 data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd,
1604 be32_to_cpu(hdr->offset),
1605 payload_length, padding,
1606 cmd->pad_bytes);
1607
1608 if (checksum != data_crc) {
1609 pr_err("ITT: 0x%08x, Offset: %u, Length: %u,"
1610 " DataSN: 0x%08x, CRC32C DataDigest 0x%08x"
1611 " does not match computed 0x%08x\n",
1612 hdr->itt, hdr->offset, payload_length,
1613 hdr->datasn, checksum, data_crc);
1614 data_crc_failed = 1;
1615 } else {
1616 pr_debug("Got CRC32C DataDigest 0x%08x for"
1617 " %u bytes of Data Out\n", checksum,
1618 payload_length);
1619 }
1620 }
1621
1622 return data_crc_failed;
1623}
1624
1625int
1626iscsit_check_dataout_payload(struct iscsi_cmd *cmd, struct iscsi_data *hdr,
1627 bool data_crc_failed)
1628{
1629 struct iscsi_conn *conn = cmd->conn;
1630 int rc, ooo_cmdsn;
1631
1632
1633
1634
1635 rc = iscsit_check_post_dataout(cmd, (unsigned char *)hdr, data_crc_failed);
1636 if ((rc == DATAOUT_NORMAL) || (rc == DATAOUT_WITHIN_COMMAND_RECOVERY))
1637 return 0;
1638 else if (rc == DATAOUT_SEND_R2T) {
1639 iscsit_set_dataout_sequence_values(cmd);
1640 conn->conn_transport->iscsit_get_dataout(conn, cmd, false);
1641 } else if (rc == DATAOUT_SEND_TO_TRANSPORT) {
1642
1643
1644
1645
1646 spin_lock_bh(&cmd->istate_lock);
1647 ooo_cmdsn = (cmd->cmd_flags & ICF_OOO_CMDSN);
1648 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT;
1649 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT;
1650 spin_unlock_bh(&cmd->istate_lock);
1651
1652 iscsit_stop_dataout_timer(cmd);
1653 if (ooo_cmdsn)
1654 return 0;
1655 target_execute_cmd(&cmd->se_cmd);
1656 return 0;
1657 } else
1658 return -1;
1659
1660 return 0;
1661}
1662EXPORT_SYMBOL(iscsit_check_dataout_payload);
1663
1664static int iscsit_handle_data_out(struct iscsi_conn *conn, unsigned char *buf)
1665{
1666 struct iscsi_cmd *cmd = NULL;
1667 struct iscsi_data *hdr = (struct iscsi_data *)buf;
1668 int rc;
1669 bool data_crc_failed = false;
1670
1671 rc = iscsit_check_dataout_hdr(conn, buf, &cmd);
1672 if (rc < 0)
1673 return 0;
1674 else if (!cmd)
1675 return 0;
1676
1677 rc = iscsit_get_dataout(conn, cmd, hdr);
1678 if (rc < 0)
1679 return rc;
1680 else if (rc > 0)
1681 data_crc_failed = true;
1682
1683 return iscsit_check_dataout_payload(cmd, hdr, data_crc_failed);
1684}
1685
1686int iscsit_setup_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
1687 struct iscsi_nopout *hdr)
1688{
1689 u32 payload_length = ntoh24(hdr->dlength);
1690
1691 if (!(hdr->flags & ISCSI_FLAG_CMD_FINAL)) {
1692 pr_err("NopOUT Flag's, Left Most Bit not set, protocol error.\n");
1693 if (!cmd)
1694 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
1695 (unsigned char *)hdr);
1696
1697 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR,
1698 (unsigned char *)hdr);
1699 }
1700
1701 if (hdr->itt == RESERVED_ITT && !(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
1702 pr_err("NOPOUT ITT is reserved, but Immediate Bit is"
1703 " not set, protocol error.\n");
1704 if (!cmd)
1705 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
1706 (unsigned char *)hdr);
1707
1708 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR,
1709 (unsigned char *)hdr);
1710 }
1711
1712 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) {
1713 pr_err("NOPOUT Ping Data DataSegmentLength: %u is"
1714 " greater than MaxXmitDataSegmentLength: %u, protocol"
1715 " error.\n", payload_length,
1716 conn->conn_ops->MaxXmitDataSegmentLength);
1717 if (!cmd)
1718 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
1719 (unsigned char *)hdr);
1720
1721 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR,
1722 (unsigned char *)hdr);
1723 }
1724
1725 pr_debug("Got NOPOUT Ping %s ITT: 0x%08x, TTT: 0x%08x,"
1726 " CmdSN: 0x%08x, ExpStatSN: 0x%08x, Length: %u\n",
1727 hdr->itt == RESERVED_ITT ? "Response" : "Request",
1728 hdr->itt, hdr->ttt, hdr->cmdsn, hdr->exp_statsn,
1729 payload_length);
1730
1731
1732
1733
1734
1735
1736
1737 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) {
1738 cmd->iscsi_opcode = ISCSI_OP_NOOP_OUT;
1739 cmd->i_state = ISTATE_SEND_NOPIN;
1740 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ?
1741 1 : 0);
1742 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt;
1743 cmd->targ_xfer_tag = 0xFFFFFFFF;
1744 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
1745 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
1746 cmd->data_direction = DMA_NONE;
1747 }
1748
1749 return 0;
1750}
1751EXPORT_SYMBOL(iscsit_setup_nop_out);
1752
1753int iscsit_process_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
1754 struct iscsi_nopout *hdr)
1755{
1756 struct iscsi_cmd *cmd_p = NULL;
1757 int cmdsn_ret = 0;
1758
1759
1760
1761 if (hdr->itt != RESERVED_ITT) {
1762 if (!cmd)
1763 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
1764 (unsigned char *)hdr);
1765
1766 spin_lock_bh(&conn->cmd_lock);
1767 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
1768 spin_unlock_bh(&conn->cmd_lock);
1769
1770 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
1771
1772 if (hdr->opcode & ISCSI_OP_IMMEDIATE) {
1773 iscsit_add_cmd_to_response_queue(cmd, conn,
1774 cmd->i_state);
1775 return 0;
1776 }
1777
1778 cmdsn_ret = iscsit_sequence_cmd(conn, cmd,
1779 (unsigned char *)hdr, hdr->cmdsn);
1780 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP)
1781 return 0;
1782 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
1783 return -1;
1784
1785 return 0;
1786 }
1787
1788
1789
1790 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) {
1791 cmd_p = iscsit_find_cmd_from_ttt(conn, be32_to_cpu(hdr->ttt));
1792 if (!cmd_p)
1793 return -EINVAL;
1794
1795 iscsit_stop_nopin_response_timer(conn);
1796
1797 cmd_p->i_state = ISTATE_REMOVE;
1798 iscsit_add_cmd_to_immediate_queue(cmd_p, conn, cmd_p->i_state);
1799
1800 iscsit_start_nopin_timer(conn);
1801 return 0;
1802 }
1803
1804
1805
1806
1807
1808 if (cmd)
1809 iscsit_free_cmd(cmd, false);
1810
1811 return 0;
1812}
1813EXPORT_SYMBOL(iscsit_process_nop_out);
1814
1815static int iscsit_handle_nop_out(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
1816 unsigned char *buf)
1817{
1818 unsigned char *ping_data = NULL;
1819 struct iscsi_nopout *hdr = (struct iscsi_nopout *)buf;
1820 struct kvec *iov = NULL;
1821 u32 payload_length = ntoh24(hdr->dlength);
1822 int ret;
1823
1824 ret = iscsit_setup_nop_out(conn, cmd, hdr);
1825 if (ret < 0)
1826 return 0;
1827
1828
1829
1830 if (payload_length && hdr->ttt == cpu_to_be32(0xFFFFFFFF)) {
1831 u32 checksum, data_crc, padding = 0;
1832 int niov = 0, rx_got, rx_size = payload_length;
1833
1834 ping_data = kzalloc(payload_length + 1, GFP_KERNEL);
1835 if (!ping_data) {
1836 pr_err("Unable to allocate memory for"
1837 " NOPOUT ping data.\n");
1838 ret = -1;
1839 goto out;
1840 }
1841
1842 iov = &cmd->iov_misc[0];
1843 iov[niov].iov_base = ping_data;
1844 iov[niov++].iov_len = payload_length;
1845
1846 padding = ((-payload_length) & 3);
1847 if (padding != 0) {
1848 pr_debug("Receiving %u additional bytes"
1849 " for padding.\n", padding);
1850 iov[niov].iov_base = &cmd->pad_bytes;
1851 iov[niov++].iov_len = padding;
1852 rx_size += padding;
1853 }
1854 if (conn->conn_ops->DataDigest) {
1855 iov[niov].iov_base = &checksum;
1856 iov[niov++].iov_len = ISCSI_CRC_LEN;
1857 rx_size += ISCSI_CRC_LEN;
1858 }
1859
1860 rx_got = rx_data(conn, &cmd->iov_misc[0], niov, rx_size);
1861 if (rx_got != rx_size) {
1862 ret = -1;
1863 goto out;
1864 }
1865
1866 if (conn->conn_ops->DataDigest) {
1867 iscsit_do_crypto_hash_buf(conn->conn_rx_hash,
1868 ping_data, payload_length,
1869 padding, cmd->pad_bytes,
1870 (u8 *)&data_crc);
1871
1872 if (checksum != data_crc) {
1873 pr_err("Ping data CRC32C DataDigest"
1874 " 0x%08x does not match computed 0x%08x\n",
1875 checksum, data_crc);
1876 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
1877 pr_err("Unable to recover from"
1878 " NOPOUT Ping DataCRC failure while in"
1879 " ERL=0.\n");
1880 ret = -1;
1881 goto out;
1882 } else {
1883
1884
1885
1886
1887 pr_debug("Dropping NOPOUT"
1888 " Command CmdSN: 0x%08x due to"
1889 " DataCRC error.\n", hdr->cmdsn);
1890 ret = 0;
1891 goto out;
1892 }
1893 } else {
1894 pr_debug("Got CRC32C DataDigest"
1895 " 0x%08x for %u bytes of ping data.\n",
1896 checksum, payload_length);
1897 }
1898 }
1899
1900 ping_data[payload_length] = '\0';
1901
1902
1903
1904 cmd->buf_ptr = ping_data;
1905 cmd->buf_ptr_size = payload_length;
1906
1907 pr_debug("Got %u bytes of NOPOUT ping"
1908 " data.\n", payload_length);
1909 pr_debug("Ping Data: \"%s\"\n", ping_data);
1910 }
1911
1912 return iscsit_process_nop_out(conn, cmd, hdr);
1913out:
1914 if (cmd)
1915 iscsit_free_cmd(cmd, false);
1916
1917 kfree(ping_data);
1918 return ret;
1919}
1920
1921int
1922iscsit_handle_task_mgt_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
1923 unsigned char *buf)
1924{
1925 struct se_tmr_req *se_tmr;
1926 struct iscsi_tmr_req *tmr_req;
1927 struct iscsi_tm *hdr;
1928 int out_of_order_cmdsn = 0, ret;
1929 bool sess_ref = false;
1930 u8 function;
1931
1932 hdr = (struct iscsi_tm *) buf;
1933 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL;
1934 function = hdr->flags;
1935
1936 pr_debug("Got Task Management Request ITT: 0x%08x, CmdSN:"
1937 " 0x%08x, Function: 0x%02x, RefTaskTag: 0x%08x, RefCmdSN:"
1938 " 0x%08x, CID: %hu\n", hdr->itt, hdr->cmdsn, function,
1939 hdr->rtt, hdr->refcmdsn, conn->cid);
1940
1941 if ((function != ISCSI_TM_FUNC_ABORT_TASK) &&
1942 ((function != ISCSI_TM_FUNC_TASK_REASSIGN) &&
1943 hdr->rtt != RESERVED_ITT)) {
1944 pr_err("RefTaskTag should be set to 0xFFFFFFFF.\n");
1945 hdr->rtt = RESERVED_ITT;
1946 }
1947
1948 if ((function == ISCSI_TM_FUNC_TASK_REASSIGN) &&
1949 !(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
1950 pr_err("Task Management Request TASK_REASSIGN not"
1951 " issued as immediate command, bad iSCSI Initiator"
1952 "implementation\n");
1953 return iscsit_add_reject_cmd(cmd,
1954 ISCSI_REASON_PROTOCOL_ERROR, buf);
1955 }
1956 if ((function != ISCSI_TM_FUNC_ABORT_TASK) &&
1957 be32_to_cpu(hdr->refcmdsn) != ISCSI_RESERVED_TAG)
1958 hdr->refcmdsn = cpu_to_be32(ISCSI_RESERVED_TAG);
1959
1960 cmd->data_direction = DMA_NONE;
1961
1962 cmd->tmr_req = kzalloc(sizeof(struct iscsi_tmr_req), GFP_KERNEL);
1963 if (!cmd->tmr_req) {
1964 pr_err("Unable to allocate memory for"
1965 " Task Management command!\n");
1966 return iscsit_add_reject_cmd(cmd,
1967 ISCSI_REASON_BOOKMARK_NO_RESOURCES,
1968 buf);
1969 }
1970
1971
1972
1973
1974
1975 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) {
1976
1977 u8 tcm_function;
1978 int ret;
1979
1980 transport_init_se_cmd(&cmd->se_cmd, &iscsi_ops,
1981 conn->sess->se_sess, 0, DMA_NONE,
1982 TCM_SIMPLE_TAG, cmd->sense_buffer + 2);
1983
1984 target_get_sess_cmd(&cmd->se_cmd, true);
1985 sess_ref = true;
1986
1987 switch (function) {
1988 case ISCSI_TM_FUNC_ABORT_TASK:
1989 tcm_function = TMR_ABORT_TASK;
1990 break;
1991 case ISCSI_TM_FUNC_ABORT_TASK_SET:
1992 tcm_function = TMR_ABORT_TASK_SET;
1993 break;
1994 case ISCSI_TM_FUNC_CLEAR_ACA:
1995 tcm_function = TMR_CLEAR_ACA;
1996 break;
1997 case ISCSI_TM_FUNC_CLEAR_TASK_SET:
1998 tcm_function = TMR_CLEAR_TASK_SET;
1999 break;
2000 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET:
2001 tcm_function = TMR_LUN_RESET;
2002 break;
2003 case ISCSI_TM_FUNC_TARGET_WARM_RESET:
2004 tcm_function = TMR_TARGET_WARM_RESET;
2005 break;
2006 case ISCSI_TM_FUNC_TARGET_COLD_RESET:
2007 tcm_function = TMR_TARGET_COLD_RESET;
2008 break;
2009 default:
2010 pr_err("Unknown iSCSI TMR Function:"
2011 " 0x%02x\n", function);
2012 return iscsit_add_reject_cmd(cmd,
2013 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf);
2014 }
2015
2016 ret = core_tmr_alloc_req(&cmd->se_cmd, cmd->tmr_req,
2017 tcm_function, GFP_KERNEL);
2018 if (ret < 0)
2019 return iscsit_add_reject_cmd(cmd,
2020 ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf);
2021
2022 cmd->tmr_req->se_tmr_req = cmd->se_cmd.se_tmr_req;
2023 }
2024
2025 cmd->iscsi_opcode = ISCSI_OP_SCSI_TMFUNC;
2026 cmd->i_state = ISTATE_SEND_TASKMGTRSP;
2027 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0);
2028 cmd->init_task_tag = hdr->itt;
2029 cmd->targ_xfer_tag = 0xFFFFFFFF;
2030 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
2031 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
2032 se_tmr = cmd->se_cmd.se_tmr_req;
2033 tmr_req = cmd->tmr_req;
2034
2035
2036
2037 if (function != ISCSI_TM_FUNC_TASK_REASSIGN) {
2038 ret = transport_lookup_tmr_lun(&cmd->se_cmd,
2039 scsilun_to_int(&hdr->lun));
2040 if (ret < 0) {
2041 se_tmr->response = ISCSI_TMF_RSP_NO_LUN;
2042 goto attach;
2043 }
2044 }
2045
2046 switch (function) {
2047 case ISCSI_TM_FUNC_ABORT_TASK:
2048 se_tmr->response = iscsit_tmr_abort_task(cmd, buf);
2049 if (se_tmr->response)
2050 goto attach;
2051 break;
2052 case ISCSI_TM_FUNC_ABORT_TASK_SET:
2053 case ISCSI_TM_FUNC_CLEAR_ACA:
2054 case ISCSI_TM_FUNC_CLEAR_TASK_SET:
2055 case ISCSI_TM_FUNC_LOGICAL_UNIT_RESET:
2056 break;
2057 case ISCSI_TM_FUNC_TARGET_WARM_RESET:
2058 if (iscsit_tmr_task_warm_reset(conn, tmr_req, buf) < 0) {
2059 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED;
2060 goto attach;
2061 }
2062 break;
2063 case ISCSI_TM_FUNC_TARGET_COLD_RESET:
2064 if (iscsit_tmr_task_cold_reset(conn, tmr_req, buf) < 0) {
2065 se_tmr->response = ISCSI_TMF_RSP_AUTH_FAILED;
2066 goto attach;
2067 }
2068 break;
2069 case ISCSI_TM_FUNC_TASK_REASSIGN:
2070 se_tmr->response = iscsit_tmr_task_reassign(cmd, buf);
2071
2072
2073
2074
2075 if (se_tmr->response)
2076 break;
2077
2078 if (iscsit_check_task_reassign_expdatasn(tmr_req, conn) < 0)
2079 return iscsit_add_reject_cmd(cmd,
2080 ISCSI_REASON_BOOKMARK_INVALID, buf);
2081 break;
2082 default:
2083 pr_err("Unknown TMR function: 0x%02x, protocol"
2084 " error.\n", function);
2085 se_tmr->response = ISCSI_TMF_RSP_NOT_SUPPORTED;
2086 goto attach;
2087 }
2088
2089 if ((function != ISCSI_TM_FUNC_TASK_REASSIGN) &&
2090 (se_tmr->response == ISCSI_TMF_RSP_COMPLETE))
2091 se_tmr->call_transport = 1;
2092attach:
2093 spin_lock_bh(&conn->cmd_lock);
2094 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
2095 spin_unlock_bh(&conn->cmd_lock);
2096
2097 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
2098 int cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn);
2099 if (cmdsn_ret == CMDSN_HIGHER_THAN_EXP)
2100 out_of_order_cmdsn = 1;
2101 else if (cmdsn_ret == CMDSN_LOWER_THAN_EXP)
2102 return 0;
2103 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
2104 return -1;
2105 }
2106 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
2107
2108 if (out_of_order_cmdsn || !(hdr->opcode & ISCSI_OP_IMMEDIATE))
2109 return 0;
2110
2111
2112
2113 if (se_tmr->call_transport)
2114 return transport_generic_handle_tmr(&cmd->se_cmd);
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124 if (sess_ref) {
2125 pr_debug("Handle TMR, using sess_ref=true check\n");
2126 target_put_sess_cmd(&cmd->se_cmd);
2127 }
2128
2129 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2130 return 0;
2131}
2132EXPORT_SYMBOL(iscsit_handle_task_mgt_cmd);
2133
2134
2135int
2136iscsit_setup_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
2137 struct iscsi_text *hdr)
2138{
2139 u32 payload_length = ntoh24(hdr->dlength);
2140
2141 if (payload_length > conn->conn_ops->MaxXmitDataSegmentLength) {
2142 pr_err("Unable to accept text parameter length: %u"
2143 "greater than MaxXmitDataSegmentLength %u.\n",
2144 payload_length, conn->conn_ops->MaxXmitDataSegmentLength);
2145 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR,
2146 (unsigned char *)hdr);
2147 }
2148
2149 if (!(hdr->flags & ISCSI_FLAG_CMD_FINAL) ||
2150 (hdr->flags & ISCSI_FLAG_TEXT_CONTINUE)) {
2151 pr_err("Multi sequence text commands currently not supported\n");
2152 return iscsit_reject_cmd(cmd, ISCSI_REASON_CMD_NOT_SUPPORTED,
2153 (unsigned char *)hdr);
2154 }
2155
2156 pr_debug("Got Text Request: ITT: 0x%08x, CmdSN: 0x%08x,"
2157 " ExpStatSN: 0x%08x, Length: %u\n", hdr->itt, hdr->cmdsn,
2158 hdr->exp_statsn, payload_length);
2159
2160 cmd->iscsi_opcode = ISCSI_OP_TEXT;
2161 cmd->i_state = ISTATE_SEND_TEXTRSP;
2162 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0);
2163 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt;
2164 cmd->targ_xfer_tag = 0xFFFFFFFF;
2165 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
2166 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
2167 cmd->data_direction = DMA_NONE;
2168 cmd->text_in_ptr = NULL;
2169
2170 return 0;
2171}
2172EXPORT_SYMBOL(iscsit_setup_text_cmd);
2173
2174int
2175iscsit_process_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
2176 struct iscsi_text *hdr)
2177{
2178 unsigned char *text_in = cmd->text_in_ptr, *text_ptr;
2179 int cmdsn_ret;
2180
2181 if (!text_in) {
2182 cmd->targ_xfer_tag = be32_to_cpu(hdr->ttt);
2183 if (cmd->targ_xfer_tag == 0xFFFFFFFF) {
2184 pr_err("Unable to locate text_in buffer for sendtargets"
2185 " discovery\n");
2186 goto reject;
2187 }
2188 goto empty_sendtargets;
2189 }
2190 if (strncmp("SendTargets", text_in, 11) != 0) {
2191 pr_err("Received Text Data that is not"
2192 " SendTargets, cannot continue.\n");
2193 goto reject;
2194 }
2195 text_ptr = strchr(text_in, '=');
2196 if (!text_ptr) {
2197 pr_err("No \"=\" separator found in Text Data,"
2198 " cannot continue.\n");
2199 goto reject;
2200 }
2201 if (!strncmp("=All", text_ptr, 4)) {
2202 cmd->cmd_flags |= ICF_SENDTARGETS_ALL;
2203 } else if (!strncmp("=iqn.", text_ptr, 5) ||
2204 !strncmp("=eui.", text_ptr, 5)) {
2205 cmd->cmd_flags |= ICF_SENDTARGETS_SINGLE;
2206 } else {
2207 pr_err("Unable to locate valid SendTargets=%s value\n", text_ptr);
2208 goto reject;
2209 }
2210
2211 spin_lock_bh(&conn->cmd_lock);
2212 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
2213 spin_unlock_bh(&conn->cmd_lock);
2214
2215empty_sendtargets:
2216 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
2217
2218 if (!(hdr->opcode & ISCSI_OP_IMMEDIATE)) {
2219 cmdsn_ret = iscsit_sequence_cmd(conn, cmd,
2220 (unsigned char *)hdr, hdr->cmdsn);
2221 if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
2222 return -1;
2223
2224 return 0;
2225 }
2226
2227 return iscsit_execute_cmd(cmd, 0);
2228
2229reject:
2230 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR,
2231 (unsigned char *)hdr);
2232}
2233EXPORT_SYMBOL(iscsit_process_text_cmd);
2234
2235static int
2236iscsit_handle_text_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
2237 unsigned char *buf)
2238{
2239 struct iscsi_text *hdr = (struct iscsi_text *)buf;
2240 char *text_in = NULL;
2241 u32 payload_length = ntoh24(hdr->dlength);
2242 int rx_size, rc;
2243
2244 rc = iscsit_setup_text_cmd(conn, cmd, hdr);
2245 if (rc < 0)
2246 return 0;
2247
2248 rx_size = payload_length;
2249 if (payload_length) {
2250 u32 checksum = 0, data_crc = 0;
2251 u32 padding = 0, pad_bytes = 0;
2252 int niov = 0, rx_got;
2253 struct kvec iov[3];
2254
2255 text_in = kzalloc(payload_length, GFP_KERNEL);
2256 if (!text_in) {
2257 pr_err("Unable to allocate memory for"
2258 " incoming text parameters\n");
2259 goto reject;
2260 }
2261 cmd->text_in_ptr = text_in;
2262
2263 memset(iov, 0, 3 * sizeof(struct kvec));
2264 iov[niov].iov_base = text_in;
2265 iov[niov++].iov_len = payload_length;
2266
2267 padding = ((-payload_length) & 3);
2268 if (padding != 0) {
2269 iov[niov].iov_base = &pad_bytes;
2270 iov[niov++].iov_len = padding;
2271 rx_size += padding;
2272 pr_debug("Receiving %u additional bytes"
2273 " for padding.\n", padding);
2274 }
2275 if (conn->conn_ops->DataDigest) {
2276 iov[niov].iov_base = &checksum;
2277 iov[niov++].iov_len = ISCSI_CRC_LEN;
2278 rx_size += ISCSI_CRC_LEN;
2279 }
2280
2281 rx_got = rx_data(conn, &iov[0], niov, rx_size);
2282 if (rx_got != rx_size)
2283 goto reject;
2284
2285 if (conn->conn_ops->DataDigest) {
2286 iscsit_do_crypto_hash_buf(conn->conn_rx_hash,
2287 text_in, payload_length,
2288 padding, (u8 *)&pad_bytes,
2289 (u8 *)&data_crc);
2290
2291 if (checksum != data_crc) {
2292 pr_err("Text data CRC32C DataDigest"
2293 " 0x%08x does not match computed"
2294 " 0x%08x\n", checksum, data_crc);
2295 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
2296 pr_err("Unable to recover from"
2297 " Text Data digest failure while in"
2298 " ERL=0.\n");
2299 goto reject;
2300 } else {
2301
2302
2303
2304
2305 pr_debug("Dropping Text"
2306 " Command CmdSN: 0x%08x due to"
2307 " DataCRC error.\n", hdr->cmdsn);
2308 kfree(text_in);
2309 return 0;
2310 }
2311 } else {
2312 pr_debug("Got CRC32C DataDigest"
2313 " 0x%08x for %u bytes of text data.\n",
2314 checksum, payload_length);
2315 }
2316 }
2317 text_in[payload_length - 1] = '\0';
2318 pr_debug("Successfully read %d bytes of text"
2319 " data.\n", payload_length);
2320 }
2321
2322 return iscsit_process_text_cmd(conn, cmd, hdr);
2323
2324reject:
2325 kfree(cmd->text_in_ptr);
2326 cmd->text_in_ptr = NULL;
2327 return iscsit_reject_cmd(cmd, ISCSI_REASON_PROTOCOL_ERROR, buf);
2328}
2329
2330int iscsit_logout_closesession(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
2331{
2332 struct iscsi_conn *conn_p;
2333 struct iscsi_session *sess = conn->sess;
2334
2335 pr_debug("Received logout request CLOSESESSION on CID: %hu"
2336 " for SID: %u.\n", conn->cid, conn->sess->sid);
2337
2338 atomic_set(&sess->session_logout, 1);
2339 atomic_set(&conn->conn_logout_remove, 1);
2340 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_SESSION;
2341
2342 iscsit_inc_conn_usage_count(conn);
2343 iscsit_inc_session_usage_count(sess);
2344
2345 spin_lock_bh(&sess->conn_lock);
2346 list_for_each_entry(conn_p, &sess->sess_conn_list, conn_list) {
2347 if (conn_p->conn_state != TARG_CONN_STATE_LOGGED_IN)
2348 continue;
2349
2350 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n");
2351 conn_p->conn_state = TARG_CONN_STATE_IN_LOGOUT;
2352 }
2353 spin_unlock_bh(&sess->conn_lock);
2354
2355 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2356
2357 return 0;
2358}
2359
2360int iscsit_logout_closeconnection(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
2361{
2362 struct iscsi_conn *l_conn;
2363 struct iscsi_session *sess = conn->sess;
2364
2365 pr_debug("Received logout request CLOSECONNECTION for CID:"
2366 " %hu on CID: %hu.\n", cmd->logout_cid, conn->cid);
2367
2368
2369
2370
2371
2372 if (conn->cid == cmd->logout_cid) {
2373 spin_lock_bh(&conn->state_lock);
2374 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n");
2375 conn->conn_state = TARG_CONN_STATE_IN_LOGOUT;
2376
2377 atomic_set(&conn->conn_logout_remove, 1);
2378 conn->conn_logout_reason = ISCSI_LOGOUT_REASON_CLOSE_CONNECTION;
2379 iscsit_inc_conn_usage_count(conn);
2380
2381 spin_unlock_bh(&conn->state_lock);
2382 } else {
2383
2384
2385
2386
2387
2388
2389
2390
2391 l_conn = iscsit_get_conn_from_cid(sess,
2392 cmd->logout_cid);
2393 if (!l_conn) {
2394 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND;
2395 iscsit_add_cmd_to_response_queue(cmd, conn,
2396 cmd->i_state);
2397 return 0;
2398 }
2399
2400 iscsit_dec_conn_usage_count(l_conn);
2401 }
2402
2403 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2404
2405 return 0;
2406}
2407
2408int iscsit_logout_removeconnforrecovery(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
2409{
2410 struct iscsi_session *sess = conn->sess;
2411
2412 pr_debug("Received explicit REMOVECONNFORRECOVERY logout for"
2413 " CID: %hu on CID: %hu.\n", cmd->logout_cid, conn->cid);
2414
2415 if (sess->sess_ops->ErrorRecoveryLevel != 2) {
2416 pr_err("Received Logout Request REMOVECONNFORRECOVERY"
2417 " while ERL!=2.\n");
2418 cmd->logout_response = ISCSI_LOGOUT_RECOVERY_UNSUPPORTED;
2419 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2420 return 0;
2421 }
2422
2423 if (conn->cid == cmd->logout_cid) {
2424 pr_err("Received Logout Request REMOVECONNFORRECOVERY"
2425 " with CID: %hu on CID: %hu, implementation error.\n",
2426 cmd->logout_cid, conn->cid);
2427 cmd->logout_response = ISCSI_LOGOUT_CLEANUP_FAILED;
2428 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2429 return 0;
2430 }
2431
2432 iscsit_add_cmd_to_response_queue(cmd, conn, cmd->i_state);
2433
2434 return 0;
2435}
2436
2437int
2438iscsit_handle_logout_cmd(struct iscsi_conn *conn, struct iscsi_cmd *cmd,
2439 unsigned char *buf)
2440{
2441 int cmdsn_ret, logout_remove = 0;
2442 u8 reason_code = 0;
2443 struct iscsi_logout *hdr;
2444 struct iscsi_tiqn *tiqn = iscsit_snmp_get_tiqn(conn);
2445
2446 hdr = (struct iscsi_logout *) buf;
2447 reason_code = (hdr->flags & 0x7f);
2448
2449 if (tiqn) {
2450 spin_lock(&tiqn->logout_stats.lock);
2451 if (reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION)
2452 tiqn->logout_stats.normal_logouts++;
2453 else
2454 tiqn->logout_stats.abnormal_logouts++;
2455 spin_unlock(&tiqn->logout_stats.lock);
2456 }
2457
2458 pr_debug("Got Logout Request ITT: 0x%08x CmdSN: 0x%08x"
2459 " ExpStatSN: 0x%08x Reason: 0x%02x CID: %hu on CID: %hu\n",
2460 hdr->itt, hdr->cmdsn, hdr->exp_statsn, reason_code,
2461 hdr->cid, conn->cid);
2462
2463 if (conn->conn_state != TARG_CONN_STATE_LOGGED_IN) {
2464 pr_err("Received logout request on connection that"
2465 " is not in logged in state, ignoring request.\n");
2466 iscsit_free_cmd(cmd, false);
2467 return 0;
2468 }
2469
2470 cmd->iscsi_opcode = ISCSI_OP_LOGOUT;
2471 cmd->i_state = ISTATE_SEND_LOGOUTRSP;
2472 cmd->immediate_cmd = ((hdr->opcode & ISCSI_OP_IMMEDIATE) ? 1 : 0);
2473 conn->sess->init_task_tag = cmd->init_task_tag = hdr->itt;
2474 cmd->targ_xfer_tag = 0xFFFFFFFF;
2475 cmd->cmd_sn = be32_to_cpu(hdr->cmdsn);
2476 cmd->exp_stat_sn = be32_to_cpu(hdr->exp_statsn);
2477 cmd->logout_cid = be16_to_cpu(hdr->cid);
2478 cmd->logout_reason = reason_code;
2479 cmd->data_direction = DMA_NONE;
2480
2481
2482
2483
2484
2485 if ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_SESSION) ||
2486 ((reason_code == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION) &&
2487 be16_to_cpu(hdr->cid) == conn->cid))
2488 logout_remove = 1;
2489
2490 spin_lock_bh(&conn->cmd_lock);
2491 list_add_tail(&cmd->i_conn_node, &conn->conn_cmd_list);
2492 spin_unlock_bh(&conn->cmd_lock);
2493
2494 if (reason_code != ISCSI_LOGOUT_REASON_RECOVERY)
2495 iscsit_ack_from_expstatsn(conn, be32_to_cpu(hdr->exp_statsn));
2496
2497
2498
2499
2500
2501 if (cmd->immediate_cmd) {
2502 int ret = iscsit_execute_cmd(cmd, 0);
2503
2504 if (ret < 0)
2505 return ret;
2506 } else {
2507 cmdsn_ret = iscsit_sequence_cmd(conn, cmd, buf, hdr->cmdsn);
2508 if (cmdsn_ret == CMDSN_LOWER_THAN_EXP)
2509 logout_remove = 0;
2510 else if (cmdsn_ret == CMDSN_ERROR_CANNOT_RECOVER)
2511 return -1;
2512 }
2513
2514 return logout_remove;
2515}
2516EXPORT_SYMBOL(iscsit_handle_logout_cmd);
2517
2518int iscsit_handle_snack(
2519 struct iscsi_conn *conn,
2520 unsigned char *buf)
2521{
2522 struct iscsi_snack *hdr;
2523
2524 hdr = (struct iscsi_snack *) buf;
2525 hdr->flags &= ~ISCSI_FLAG_CMD_FINAL;
2526
2527 pr_debug("Got ISCSI_INIT_SNACK, ITT: 0x%08x, ExpStatSN:"
2528 " 0x%08x, Type: 0x%02x, BegRun: 0x%08x, RunLength: 0x%08x,"
2529 " CID: %hu\n", hdr->itt, hdr->exp_statsn, hdr->flags,
2530 hdr->begrun, hdr->runlength, conn->cid);
2531
2532 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
2533 pr_err("Initiator sent SNACK request while in"
2534 " ErrorRecoveryLevel=0.\n");
2535 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
2536 buf);
2537 }
2538
2539
2540
2541
2542 switch (hdr->flags & ISCSI_FLAG_SNACK_TYPE_MASK) {
2543 case 0:
2544 return iscsit_handle_recovery_datain_or_r2t(conn, buf,
2545 hdr->itt,
2546 be32_to_cpu(hdr->ttt),
2547 be32_to_cpu(hdr->begrun),
2548 be32_to_cpu(hdr->runlength));
2549 case ISCSI_FLAG_SNACK_TYPE_STATUS:
2550 return iscsit_handle_status_snack(conn, hdr->itt,
2551 be32_to_cpu(hdr->ttt),
2552 be32_to_cpu(hdr->begrun), be32_to_cpu(hdr->runlength));
2553 case ISCSI_FLAG_SNACK_TYPE_DATA_ACK:
2554 return iscsit_handle_data_ack(conn, be32_to_cpu(hdr->ttt),
2555 be32_to_cpu(hdr->begrun),
2556 be32_to_cpu(hdr->runlength));
2557 case ISCSI_FLAG_SNACK_TYPE_RDATA:
2558
2559 pr_err("R-Data SNACK Not Supported.\n");
2560 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
2561 buf);
2562 default:
2563 pr_err("Unknown SNACK type 0x%02x, protocol"
2564 " error.\n", hdr->flags & 0x0f);
2565 return iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
2566 buf);
2567 }
2568
2569 return 0;
2570}
2571EXPORT_SYMBOL(iscsit_handle_snack);
2572
2573static void iscsit_rx_thread_wait_for_tcp(struct iscsi_conn *conn)
2574{
2575 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) ||
2576 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) {
2577 wait_for_completion_interruptible_timeout(
2578 &conn->rx_half_close_comp,
2579 ISCSI_RX_THREAD_TCP_TIMEOUT * HZ);
2580 }
2581}
2582
2583static int iscsit_handle_immediate_data(
2584 struct iscsi_cmd *cmd,
2585 struct iscsi_scsi_req *hdr,
2586 u32 length)
2587{
2588 int iov_ret, rx_got = 0, rx_size = 0;
2589 u32 checksum, iov_count = 0, padding = 0;
2590 struct iscsi_conn *conn = cmd->conn;
2591 struct kvec *iov;
2592
2593 iov_ret = iscsit_map_iovec(cmd, cmd->iov_data, cmd->write_data_done, length);
2594 if (iov_ret < 0)
2595 return IMMEDIATE_DATA_CANNOT_RECOVER;
2596
2597 rx_size = length;
2598 iov_count = iov_ret;
2599 iov = &cmd->iov_data[0];
2600
2601 padding = ((-length) & 3);
2602 if (padding != 0) {
2603 iov[iov_count].iov_base = cmd->pad_bytes;
2604 iov[iov_count++].iov_len = padding;
2605 rx_size += padding;
2606 }
2607
2608 if (conn->conn_ops->DataDigest) {
2609 iov[iov_count].iov_base = &checksum;
2610 iov[iov_count++].iov_len = ISCSI_CRC_LEN;
2611 rx_size += ISCSI_CRC_LEN;
2612 }
2613
2614 rx_got = rx_data(conn, &cmd->iov_data[0], iov_count, rx_size);
2615
2616 iscsit_unmap_iovec(cmd);
2617
2618 if (rx_got != rx_size) {
2619 iscsit_rx_thread_wait_for_tcp(conn);
2620 return IMMEDIATE_DATA_CANNOT_RECOVER;
2621 }
2622
2623 if (conn->conn_ops->DataDigest) {
2624 u32 data_crc;
2625
2626 data_crc = iscsit_do_crypto_hash_sg(conn->conn_rx_hash, cmd,
2627 cmd->write_data_done, length, padding,
2628 cmd->pad_bytes);
2629
2630 if (checksum != data_crc) {
2631 pr_err("ImmediateData CRC32C DataDigest 0x%08x"
2632 " does not match computed 0x%08x\n", checksum,
2633 data_crc);
2634
2635 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
2636 pr_err("Unable to recover from"
2637 " Immediate Data digest failure while"
2638 " in ERL=0.\n");
2639 iscsit_reject_cmd(cmd,
2640 ISCSI_REASON_DATA_DIGEST_ERROR,
2641 (unsigned char *)hdr);
2642 return IMMEDIATE_DATA_CANNOT_RECOVER;
2643 } else {
2644 iscsit_reject_cmd(cmd,
2645 ISCSI_REASON_DATA_DIGEST_ERROR,
2646 (unsigned char *)hdr);
2647 return IMMEDIATE_DATA_ERL1_CRC_FAILURE;
2648 }
2649 } else {
2650 pr_debug("Got CRC32C DataDigest 0x%08x for"
2651 " %u bytes of Immediate Data\n", checksum,
2652 length);
2653 }
2654 }
2655
2656 cmd->write_data_done += length;
2657
2658 if (cmd->write_data_done == cmd->se_cmd.data_length) {
2659 spin_lock_bh(&cmd->istate_lock);
2660 cmd->cmd_flags |= ICF_GOT_LAST_DATAOUT;
2661 cmd->i_state = ISTATE_RECEIVED_LAST_DATAOUT;
2662 spin_unlock_bh(&cmd->istate_lock);
2663 }
2664
2665 return IMMEDIATE_DATA_NORMAL_OPERATION;
2666}
2667
2668
2669
2670
2671
2672
2673static void iscsit_build_conn_drop_async_message(struct iscsi_conn *conn)
2674{
2675 struct iscsi_cmd *cmd;
2676 struct iscsi_conn *conn_p;
2677 bool found = false;
2678
2679
2680
2681
2682
2683 list_for_each_entry(conn_p, &conn->sess->sess_conn_list, conn_list) {
2684 if (conn_p->conn_state == TARG_CONN_STATE_LOGGED_IN) {
2685 iscsit_inc_conn_usage_count(conn_p);
2686 found = true;
2687 break;
2688 }
2689 }
2690
2691 if (!found)
2692 return;
2693
2694 cmd = iscsit_allocate_cmd(conn_p, TASK_RUNNING);
2695 if (!cmd) {
2696 iscsit_dec_conn_usage_count(conn_p);
2697 return;
2698 }
2699
2700 cmd->logout_cid = conn->cid;
2701 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT;
2702 cmd->i_state = ISTATE_SEND_ASYNCMSG;
2703
2704 spin_lock_bh(&conn_p->cmd_lock);
2705 list_add_tail(&cmd->i_conn_node, &conn_p->conn_cmd_list);
2706 spin_unlock_bh(&conn_p->cmd_lock);
2707
2708 iscsit_add_cmd_to_response_queue(cmd, conn_p, cmd->i_state);
2709 iscsit_dec_conn_usage_count(conn_p);
2710}
2711
2712static int iscsit_send_conn_drop_async_message(
2713 struct iscsi_cmd *cmd,
2714 struct iscsi_conn *conn)
2715{
2716 struct iscsi_async *hdr;
2717
2718 cmd->iscsi_opcode = ISCSI_OP_ASYNC_EVENT;
2719
2720 hdr = (struct iscsi_async *) cmd->pdu;
2721 hdr->opcode = ISCSI_OP_ASYNC_EVENT;
2722 hdr->flags = ISCSI_FLAG_CMD_FINAL;
2723 cmd->init_task_tag = RESERVED_ITT;
2724 cmd->targ_xfer_tag = 0xFFFFFFFF;
2725 put_unaligned_be64(0xFFFFFFFFFFFFFFFFULL, &hdr->rsvd4[0]);
2726 cmd->stat_sn = conn->stat_sn++;
2727 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2728 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2729 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
2730 hdr->async_event = ISCSI_ASYNC_MSG_DROPPING_CONNECTION;
2731 hdr->param1 = cpu_to_be16(cmd->logout_cid);
2732 hdr->param2 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Wait);
2733 hdr->param3 = cpu_to_be16(conn->sess->sess_ops->DefaultTime2Retain);
2734
2735 pr_debug("Sending Connection Dropped Async Message StatSN:"
2736 " 0x%08x, for CID: %hu on CID: %hu\n", cmd->stat_sn,
2737 cmd->logout_cid, conn->cid);
2738
2739 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0);
2740}
2741
2742static void iscsit_tx_thread_wait_for_tcp(struct iscsi_conn *conn)
2743{
2744 if ((conn->sock->sk->sk_shutdown & SEND_SHUTDOWN) ||
2745 (conn->sock->sk->sk_shutdown & RCV_SHUTDOWN)) {
2746 wait_for_completion_interruptible_timeout(
2747 &conn->tx_half_close_comp,
2748 ISCSI_TX_THREAD_TCP_TIMEOUT * HZ);
2749 }
2750}
2751
2752void
2753iscsit_build_datain_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn,
2754 struct iscsi_datain *datain, struct iscsi_data_rsp *hdr,
2755 bool set_statsn)
2756{
2757 hdr->opcode = ISCSI_OP_SCSI_DATA_IN;
2758 hdr->flags = datain->flags;
2759 if (hdr->flags & ISCSI_FLAG_DATA_STATUS) {
2760 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) {
2761 hdr->flags |= ISCSI_FLAG_DATA_OVERFLOW;
2762 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count);
2763 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) {
2764 hdr->flags |= ISCSI_FLAG_DATA_UNDERFLOW;
2765 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count);
2766 }
2767 }
2768 hton24(hdr->dlength, datain->length);
2769 if (hdr->flags & ISCSI_FLAG_DATA_ACK)
2770 int_to_scsilun(cmd->se_cmd.orig_fe_lun,
2771 (struct scsi_lun *)&hdr->lun);
2772 else
2773 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun);
2774
2775 hdr->itt = cmd->init_task_tag;
2776
2777 if (hdr->flags & ISCSI_FLAG_DATA_ACK)
2778 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag);
2779 else
2780 hdr->ttt = cpu_to_be32(0xFFFFFFFF);
2781 if (set_statsn)
2782 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2783 else
2784 hdr->statsn = cpu_to_be32(0xFFFFFFFF);
2785
2786 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2787 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
2788 hdr->datasn = cpu_to_be32(datain->data_sn);
2789 hdr->offset = cpu_to_be32(datain->offset);
2790
2791 pr_debug("Built DataIN ITT: 0x%08x, StatSN: 0x%08x,"
2792 " DataSN: 0x%08x, Offset: %u, Length: %u, CID: %hu\n",
2793 cmd->init_task_tag, ntohl(hdr->statsn), ntohl(hdr->datasn),
2794 ntohl(hdr->offset), datain->length, conn->cid);
2795}
2796EXPORT_SYMBOL(iscsit_build_datain_pdu);
2797
2798static int iscsit_send_datain(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
2799{
2800 struct iscsi_data_rsp *hdr = (struct iscsi_data_rsp *)&cmd->pdu[0];
2801 struct iscsi_datain datain;
2802 struct iscsi_datain_req *dr;
2803 int eodr = 0, ret;
2804 bool set_statsn = false;
2805
2806 memset(&datain, 0, sizeof(struct iscsi_datain));
2807 dr = iscsit_get_datain_values(cmd, &datain);
2808 if (!dr) {
2809 pr_err("iscsit_get_datain_values failed for ITT: 0x%08x\n",
2810 cmd->init_task_tag);
2811 return -1;
2812 }
2813
2814
2815
2816 if ((datain.offset + datain.length) > cmd->se_cmd.data_length) {
2817 pr_err("Command ITT: 0x%08x, datain.offset: %u and"
2818 " datain.length: %u exceeds cmd->data_length: %u\n",
2819 cmd->init_task_tag, datain.offset, datain.length,
2820 cmd->se_cmd.data_length);
2821 return -1;
2822 }
2823
2824 atomic_long_add(datain.length, &conn->sess->tx_data_octets);
2825
2826
2827
2828
2829 if ((datain.flags & ISCSI_FLAG_DATA_STATUS) &&
2830 (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE))
2831 datain.flags &= ~ISCSI_FLAG_DATA_STATUS;
2832 else {
2833 if ((dr->dr_complete == DATAIN_COMPLETE_NORMAL) ||
2834 (dr->dr_complete == DATAIN_COMPLETE_CONNECTION_RECOVERY)) {
2835 iscsit_increment_maxcmdsn(cmd, conn->sess);
2836 cmd->stat_sn = conn->stat_sn++;
2837 set_statsn = true;
2838 } else if (dr->dr_complete ==
2839 DATAIN_COMPLETE_WITHIN_COMMAND_RECOVERY)
2840 set_statsn = true;
2841 }
2842
2843 iscsit_build_datain_pdu(cmd, conn, &datain, hdr, set_statsn);
2844
2845 ret = conn->conn_transport->iscsit_xmit_pdu(conn, cmd, dr, &datain, 0);
2846 if (ret < 0)
2847 return ret;
2848
2849 if (dr->dr_complete) {
2850 eodr = (cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ?
2851 2 : 1;
2852 iscsit_free_datain_req(cmd, dr);
2853 }
2854
2855 return eodr;
2856}
2857
2858int
2859iscsit_build_logout_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn,
2860 struct iscsi_logout_rsp *hdr)
2861{
2862 struct iscsi_conn *logout_conn = NULL;
2863 struct iscsi_conn_recovery *cr = NULL;
2864 struct iscsi_session *sess = conn->sess;
2865
2866
2867
2868
2869
2870 switch (cmd->logout_reason) {
2871 case ISCSI_LOGOUT_REASON_CLOSE_SESSION:
2872 pr_debug("iSCSI session logout successful, setting"
2873 " logout response to ISCSI_LOGOUT_SUCCESS.\n");
2874 cmd->logout_response = ISCSI_LOGOUT_SUCCESS;
2875 break;
2876 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION:
2877 if (cmd->logout_response == ISCSI_LOGOUT_CID_NOT_FOUND)
2878 break;
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891 pr_debug("iSCSI CID: %hu logout on CID: %hu"
2892 " successful.\n", cmd->logout_cid, conn->cid);
2893 cmd->logout_response = ISCSI_LOGOUT_SUCCESS;
2894 break;
2895 case ISCSI_LOGOUT_REASON_RECOVERY:
2896 if ((cmd->logout_response == ISCSI_LOGOUT_RECOVERY_UNSUPPORTED) ||
2897 (cmd->logout_response == ISCSI_LOGOUT_CLEANUP_FAILED))
2898 break;
2899
2900
2901
2902
2903 logout_conn = iscsit_get_conn_from_cid_rcfr(sess,
2904 cmd->logout_cid);
2905 if (logout_conn) {
2906 iscsit_connection_reinstatement_rcfr(logout_conn);
2907 iscsit_dec_conn_usage_count(logout_conn);
2908 }
2909
2910 cr = iscsit_get_inactive_connection_recovery_entry(
2911 conn->sess, cmd->logout_cid);
2912 if (!cr) {
2913 pr_err("Unable to locate CID: %hu for"
2914 " REMOVECONNFORRECOVERY Logout Request.\n",
2915 cmd->logout_cid);
2916 cmd->logout_response = ISCSI_LOGOUT_CID_NOT_FOUND;
2917 break;
2918 }
2919
2920 iscsit_discard_cr_cmds_by_expstatsn(cr, cmd->exp_stat_sn);
2921
2922 pr_debug("iSCSI REMOVECONNFORRECOVERY logout"
2923 " for recovery for CID: %hu on CID: %hu successful.\n",
2924 cmd->logout_cid, conn->cid);
2925 cmd->logout_response = ISCSI_LOGOUT_SUCCESS;
2926 break;
2927 default:
2928 pr_err("Unknown cmd->logout_reason: 0x%02x\n",
2929 cmd->logout_reason);
2930 return -1;
2931 }
2932
2933 hdr->opcode = ISCSI_OP_LOGOUT_RSP;
2934 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2935 hdr->response = cmd->logout_response;
2936 hdr->itt = cmd->init_task_tag;
2937 cmd->stat_sn = conn->stat_sn++;
2938 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2939
2940 iscsit_increment_maxcmdsn(cmd, conn->sess);
2941 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2942 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
2943
2944 pr_debug("Built Logout Response ITT: 0x%08x StatSN:"
2945 " 0x%08x Response: 0x%02x CID: %hu on CID: %hu\n",
2946 cmd->init_task_tag, cmd->stat_sn, hdr->response,
2947 cmd->logout_cid, conn->cid);
2948
2949 return 0;
2950}
2951EXPORT_SYMBOL(iscsit_build_logout_rsp);
2952
2953static int
2954iscsit_send_logout(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
2955{
2956 int rc;
2957
2958 rc = iscsit_build_logout_rsp(cmd, conn,
2959 (struct iscsi_logout_rsp *)&cmd->pdu[0]);
2960 if (rc < 0)
2961 return rc;
2962
2963 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0);
2964}
2965
2966void
2967iscsit_build_nopin_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn,
2968 struct iscsi_nopin *hdr, bool nopout_response)
2969{
2970 hdr->opcode = ISCSI_OP_NOOP_IN;
2971 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
2972 hton24(hdr->dlength, cmd->buf_ptr_size);
2973 if (nopout_response)
2974 put_unaligned_le64(0xFFFFFFFFFFFFFFFFULL, &hdr->lun);
2975 hdr->itt = cmd->init_task_tag;
2976 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag);
2977 cmd->stat_sn = (nopout_response) ? conn->stat_sn++ :
2978 conn->stat_sn;
2979 hdr->statsn = cpu_to_be32(cmd->stat_sn);
2980
2981 if (nopout_response)
2982 iscsit_increment_maxcmdsn(cmd, conn->sess);
2983
2984 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
2985 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
2986
2987 pr_debug("Built NOPIN %s Response ITT: 0x%08x, TTT: 0x%08x,"
2988 " StatSN: 0x%08x, Length %u\n", (nopout_response) ?
2989 "Solicited" : "Unsolicited", cmd->init_task_tag,
2990 cmd->targ_xfer_tag, cmd->stat_sn, cmd->buf_ptr_size);
2991}
2992EXPORT_SYMBOL(iscsit_build_nopin_rsp);
2993
2994
2995
2996
2997static int iscsit_send_unsolicited_nopin(
2998 struct iscsi_cmd *cmd,
2999 struct iscsi_conn *conn,
3000 int want_response)
3001{
3002 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0];
3003 int ret;
3004
3005 iscsit_build_nopin_rsp(cmd, conn, hdr, false);
3006
3007 pr_debug("Sending Unsolicited NOPIN TTT: 0x%08x StatSN:"
3008 " 0x%08x CID: %hu\n", hdr->ttt, cmd->stat_sn, conn->cid);
3009
3010 ret = conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0);
3011 if (ret < 0)
3012 return ret;
3013
3014 spin_lock_bh(&cmd->istate_lock);
3015 cmd->i_state = want_response ?
3016 ISTATE_SENT_NOPIN_WANT_RESPONSE : ISTATE_SENT_STATUS;
3017 spin_unlock_bh(&cmd->istate_lock);
3018
3019 return 0;
3020}
3021
3022static int
3023iscsit_send_nopin(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
3024{
3025 struct iscsi_nopin *hdr = (struct iscsi_nopin *)&cmd->pdu[0];
3026
3027 iscsit_build_nopin_rsp(cmd, conn, hdr, true);
3028
3029
3030
3031
3032
3033 pr_debug("Echoing back %u bytes of ping data.\n", cmd->buf_ptr_size);
3034
3035 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL,
3036 cmd->buf_ptr,
3037 cmd->buf_ptr_size);
3038}
3039
3040static int iscsit_send_r2t(
3041 struct iscsi_cmd *cmd,
3042 struct iscsi_conn *conn)
3043{
3044 struct iscsi_r2t *r2t;
3045 struct iscsi_r2t_rsp *hdr;
3046 int ret;
3047
3048 r2t = iscsit_get_r2t_from_list(cmd);
3049 if (!r2t)
3050 return -1;
3051
3052 hdr = (struct iscsi_r2t_rsp *) cmd->pdu;
3053 memset(hdr, 0, ISCSI_HDR_LEN);
3054 hdr->opcode = ISCSI_OP_R2T;
3055 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
3056 int_to_scsilun(cmd->se_cmd.orig_fe_lun,
3057 (struct scsi_lun *)&hdr->lun);
3058 hdr->itt = cmd->init_task_tag;
3059 if (conn->conn_transport->iscsit_get_r2t_ttt)
3060 conn->conn_transport->iscsit_get_r2t_ttt(conn, cmd, r2t);
3061 else
3062 r2t->targ_xfer_tag = session_get_next_ttt(conn->sess);
3063 hdr->ttt = cpu_to_be32(r2t->targ_xfer_tag);
3064 hdr->statsn = cpu_to_be32(conn->stat_sn);
3065 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3066 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
3067 hdr->r2tsn = cpu_to_be32(r2t->r2t_sn);
3068 hdr->data_offset = cpu_to_be32(r2t->offset);
3069 hdr->data_length = cpu_to_be32(r2t->xfer_len);
3070
3071 pr_debug("Built %sR2T, ITT: 0x%08x, TTT: 0x%08x, StatSN:"
3072 " 0x%08x, R2TSN: 0x%08x, Offset: %u, DDTL: %u, CID: %hu\n",
3073 (!r2t->recovery_r2t) ? "" : "Recovery ", cmd->init_task_tag,
3074 r2t->targ_xfer_tag, ntohl(hdr->statsn), r2t->r2t_sn,
3075 r2t->offset, r2t->xfer_len, conn->cid);
3076
3077 spin_lock_bh(&cmd->r2t_lock);
3078 r2t->sent_r2t = 1;
3079 spin_unlock_bh(&cmd->r2t_lock);
3080
3081 ret = conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0);
3082 if (ret < 0) {
3083 return ret;
3084 }
3085
3086 spin_lock_bh(&cmd->dataout_timeout_lock);
3087 iscsit_start_dataout_timer(cmd, conn);
3088 spin_unlock_bh(&cmd->dataout_timeout_lock);
3089
3090 return 0;
3091}
3092
3093
3094
3095
3096
3097int iscsit_build_r2ts_for_cmd(
3098 struct iscsi_conn *conn,
3099 struct iscsi_cmd *cmd,
3100 bool recovery)
3101{
3102 int first_r2t = 1;
3103 u32 offset = 0, xfer_len = 0;
3104
3105 spin_lock_bh(&cmd->r2t_lock);
3106 if (cmd->cmd_flags & ICF_SENT_LAST_R2T) {
3107 spin_unlock_bh(&cmd->r2t_lock);
3108 return 0;
3109 }
3110
3111 if (conn->sess->sess_ops->DataSequenceInOrder &&
3112 !recovery)
3113 cmd->r2t_offset = max(cmd->r2t_offset, cmd->write_data_done);
3114
3115 while (cmd->outstanding_r2ts < conn->sess->sess_ops->MaxOutstandingR2T) {
3116 if (conn->sess->sess_ops->DataSequenceInOrder) {
3117 offset = cmd->r2t_offset;
3118
3119 if (first_r2t && recovery) {
3120 int new_data_end = offset +
3121 conn->sess->sess_ops->MaxBurstLength -
3122 cmd->next_burst_len;
3123
3124 if (new_data_end > cmd->se_cmd.data_length)
3125 xfer_len = cmd->se_cmd.data_length - offset;
3126 else
3127 xfer_len =
3128 conn->sess->sess_ops->MaxBurstLength -
3129 cmd->next_burst_len;
3130 } else {
3131 int new_data_end = offset +
3132 conn->sess->sess_ops->MaxBurstLength;
3133
3134 if (new_data_end > cmd->se_cmd.data_length)
3135 xfer_len = cmd->se_cmd.data_length - offset;
3136 else
3137 xfer_len = conn->sess->sess_ops->MaxBurstLength;
3138 }
3139 cmd->r2t_offset += xfer_len;
3140
3141 if (cmd->r2t_offset == cmd->se_cmd.data_length)
3142 cmd->cmd_flags |= ICF_SENT_LAST_R2T;
3143 } else {
3144 struct iscsi_seq *seq;
3145
3146 seq = iscsit_get_seq_holder_for_r2t(cmd);
3147 if (!seq) {
3148 spin_unlock_bh(&cmd->r2t_lock);
3149 return -1;
3150 }
3151
3152 offset = seq->offset;
3153 xfer_len = seq->xfer_len;
3154
3155 if (cmd->seq_send_order == cmd->seq_count)
3156 cmd->cmd_flags |= ICF_SENT_LAST_R2T;
3157 }
3158 cmd->outstanding_r2ts++;
3159 first_r2t = 0;
3160
3161 if (iscsit_add_r2t_to_list(cmd, offset, xfer_len, 0, 0) < 0) {
3162 spin_unlock_bh(&cmd->r2t_lock);
3163 return -1;
3164 }
3165
3166 if (cmd->cmd_flags & ICF_SENT_LAST_R2T)
3167 break;
3168 }
3169 spin_unlock_bh(&cmd->r2t_lock);
3170
3171 return 0;
3172}
3173EXPORT_SYMBOL(iscsit_build_r2ts_for_cmd);
3174
3175void iscsit_build_rsp_pdu(struct iscsi_cmd *cmd, struct iscsi_conn *conn,
3176 bool inc_stat_sn, struct iscsi_scsi_rsp *hdr)
3177{
3178 if (inc_stat_sn)
3179 cmd->stat_sn = conn->stat_sn++;
3180
3181 atomic_long_inc(&conn->sess->rsp_pdus);
3182
3183 memset(hdr, 0, ISCSI_HDR_LEN);
3184 hdr->opcode = ISCSI_OP_SCSI_CMD_RSP;
3185 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
3186 if (cmd->se_cmd.se_cmd_flags & SCF_OVERFLOW_BIT) {
3187 hdr->flags |= ISCSI_FLAG_CMD_OVERFLOW;
3188 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count);
3189 } else if (cmd->se_cmd.se_cmd_flags & SCF_UNDERFLOW_BIT) {
3190 hdr->flags |= ISCSI_FLAG_CMD_UNDERFLOW;
3191 hdr->residual_count = cpu_to_be32(cmd->se_cmd.residual_count);
3192 }
3193 hdr->response = cmd->iscsi_response;
3194 hdr->cmd_status = cmd->se_cmd.scsi_status;
3195 hdr->itt = cmd->init_task_tag;
3196 hdr->statsn = cpu_to_be32(cmd->stat_sn);
3197
3198 iscsit_increment_maxcmdsn(cmd, conn->sess);
3199 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3200 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
3201
3202 pr_debug("Built SCSI Response, ITT: 0x%08x, StatSN: 0x%08x,"
3203 " Response: 0x%02x, SAM Status: 0x%02x, CID: %hu\n",
3204 cmd->init_task_tag, cmd->stat_sn, cmd->se_cmd.scsi_status,
3205 cmd->se_cmd.scsi_status, conn->cid);
3206}
3207EXPORT_SYMBOL(iscsit_build_rsp_pdu);
3208
3209static int iscsit_send_response(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
3210{
3211 struct iscsi_scsi_rsp *hdr = (struct iscsi_scsi_rsp *)&cmd->pdu[0];
3212 bool inc_stat_sn = (cmd->i_state == ISTATE_SEND_STATUS);
3213 void *data_buf = NULL;
3214 u32 padding = 0, data_buf_len = 0;
3215
3216 iscsit_build_rsp_pdu(cmd, conn, inc_stat_sn, hdr);
3217
3218
3219
3220
3221 if (cmd->se_cmd.sense_buffer &&
3222 ((cmd->se_cmd.se_cmd_flags & SCF_TRANSPORT_TASK_SENSE) ||
3223 (cmd->se_cmd.se_cmd_flags & SCF_EMULATED_TASK_SENSE))) {
3224 put_unaligned_be16(cmd->se_cmd.scsi_sense_length, cmd->sense_buffer);
3225 cmd->se_cmd.scsi_sense_length += sizeof (__be16);
3226
3227 padding = -(cmd->se_cmd.scsi_sense_length) & 3;
3228 hton24(hdr->dlength, (u32)cmd->se_cmd.scsi_sense_length);
3229 data_buf = cmd->sense_buffer;
3230 data_buf_len = cmd->se_cmd.scsi_sense_length + padding;
3231
3232 if (padding) {
3233 memset(cmd->sense_buffer +
3234 cmd->se_cmd.scsi_sense_length, 0, padding);
3235 pr_debug("Adding %u bytes of padding to"
3236 " SENSE.\n", padding);
3237 }
3238
3239 pr_debug("Attaching SENSE DATA: %u bytes to iSCSI"
3240 " Response PDU\n",
3241 cmd->se_cmd.scsi_sense_length);
3242 }
3243
3244 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, data_buf,
3245 data_buf_len);
3246}
3247
3248static u8 iscsit_convert_tcm_tmr_rsp(struct se_tmr_req *se_tmr)
3249{
3250 switch (se_tmr->response) {
3251 case TMR_FUNCTION_COMPLETE:
3252 return ISCSI_TMF_RSP_COMPLETE;
3253 case TMR_TASK_DOES_NOT_EXIST:
3254 return ISCSI_TMF_RSP_NO_TASK;
3255 case TMR_LUN_DOES_NOT_EXIST:
3256 return ISCSI_TMF_RSP_NO_LUN;
3257 case TMR_TASK_MGMT_FUNCTION_NOT_SUPPORTED:
3258 return ISCSI_TMF_RSP_NOT_SUPPORTED;
3259 case TMR_FUNCTION_REJECTED:
3260 default:
3261 return ISCSI_TMF_RSP_REJECTED;
3262 }
3263}
3264
3265void
3266iscsit_build_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn,
3267 struct iscsi_tm_rsp *hdr)
3268{
3269 struct se_tmr_req *se_tmr = cmd->se_cmd.se_tmr_req;
3270
3271 hdr->opcode = ISCSI_OP_SCSI_TMFUNC_RSP;
3272 hdr->flags = ISCSI_FLAG_CMD_FINAL;
3273 hdr->response = iscsit_convert_tcm_tmr_rsp(se_tmr);
3274 hdr->itt = cmd->init_task_tag;
3275 cmd->stat_sn = conn->stat_sn++;
3276 hdr->statsn = cpu_to_be32(cmd->stat_sn);
3277
3278 iscsit_increment_maxcmdsn(cmd, conn->sess);
3279 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3280 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
3281
3282 pr_debug("Built Task Management Response ITT: 0x%08x,"
3283 " StatSN: 0x%08x, Response: 0x%02x, CID: %hu\n",
3284 cmd->init_task_tag, cmd->stat_sn, hdr->response, conn->cid);
3285}
3286EXPORT_SYMBOL(iscsit_build_task_mgt_rsp);
3287
3288static int
3289iscsit_send_task_mgt_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn)
3290{
3291 struct iscsi_tm_rsp *hdr = (struct iscsi_tm_rsp *)&cmd->pdu[0];
3292
3293 iscsit_build_task_mgt_rsp(cmd, conn, hdr);
3294
3295 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL, NULL, 0);
3296}
3297
3298static bool iscsit_check_inaddr_any(struct iscsi_np *np)
3299{
3300 bool ret = false;
3301
3302 if (np->np_sockaddr.ss_family == AF_INET6) {
3303 const struct sockaddr_in6 sin6 = {
3304 .sin6_addr = IN6ADDR_ANY_INIT };
3305 struct sockaddr_in6 *sock_in6 =
3306 (struct sockaddr_in6 *)&np->np_sockaddr;
3307
3308 if (!memcmp(sock_in6->sin6_addr.s6_addr,
3309 sin6.sin6_addr.s6_addr, 16))
3310 ret = true;
3311 } else {
3312 struct sockaddr_in * sock_in =
3313 (struct sockaddr_in *)&np->np_sockaddr;
3314
3315 if (sock_in->sin_addr.s_addr == htonl(INADDR_ANY))
3316 ret = true;
3317 }
3318
3319 return ret;
3320}
3321
3322#define SENDTARGETS_BUF_LIMIT 32768U
3323
3324static int
3325iscsit_build_sendtargets_response(struct iscsi_cmd *cmd,
3326 enum iscsit_transport_type network_transport,
3327 int skip_bytes, bool *completed)
3328{
3329 char *payload = NULL;
3330 struct iscsi_conn *conn = cmd->conn;
3331 struct iscsi_portal_group *tpg;
3332 struct iscsi_tiqn *tiqn;
3333 struct iscsi_tpg_np *tpg_np;
3334 int buffer_len, end_of_buf = 0, len = 0, payload_len = 0;
3335 int target_name_printed;
3336 unsigned char buf[ISCSI_IQN_LEN+12];
3337 unsigned char *text_in = cmd->text_in_ptr, *text_ptr = NULL;
3338 bool active;
3339
3340 buffer_len = min(conn->conn_ops->MaxRecvDataSegmentLength,
3341 SENDTARGETS_BUF_LIMIT);
3342
3343 payload = kzalloc(buffer_len, GFP_KERNEL);
3344 if (!payload) {
3345 pr_err("Unable to allocate memory for sendtargets"
3346 " response.\n");
3347 return -ENOMEM;
3348 }
3349
3350
3351
3352
3353 if (cmd->cmd_flags & ICF_SENDTARGETS_SINGLE) {
3354 text_ptr = strchr(text_in, '=');
3355 if (!text_ptr) {
3356 pr_err("Unable to locate '=' string in text_in:"
3357 " %s\n", text_in);
3358 kfree(payload);
3359 return -EINVAL;
3360 }
3361
3362
3363
3364 text_ptr += 1;
3365 }
3366
3367 spin_lock(&tiqn_lock);
3368 list_for_each_entry(tiqn, &g_tiqn_list, tiqn_list) {
3369 if ((cmd->cmd_flags & ICF_SENDTARGETS_SINGLE) &&
3370 strcmp(tiqn->tiqn, text_ptr)) {
3371 continue;
3372 }
3373
3374 target_name_printed = 0;
3375
3376 spin_lock(&tiqn->tiqn_tpg_lock);
3377 list_for_each_entry(tpg, &tiqn->tiqn_tpg_list, tpg_list) {
3378
3379
3380
3381
3382
3383
3384 if ((tpg->tpg_attrib.generate_node_acls == 0) &&
3385 (tpg->tpg_attrib.demo_mode_discovery == 0) &&
3386 (!target_tpg_has_node_acl(&tpg->tpg_se_tpg,
3387 cmd->conn->sess->sess_ops->InitiatorName))) {
3388 continue;
3389 }
3390
3391 spin_lock(&tpg->tpg_state_lock);
3392 active = (tpg->tpg_state == TPG_STATE_ACTIVE);
3393 spin_unlock(&tpg->tpg_state_lock);
3394
3395 if (!active && tpg->tpg_attrib.tpg_enabled_sendtargets)
3396 continue;
3397
3398 spin_lock(&tpg->tpg_np_lock);
3399 list_for_each_entry(tpg_np, &tpg->tpg_gnp_list,
3400 tpg_np_list) {
3401 struct iscsi_np *np = tpg_np->tpg_np;
3402 bool inaddr_any = iscsit_check_inaddr_any(np);
3403 struct sockaddr_storage *sockaddr;
3404
3405 if (np->np_network_transport != network_transport)
3406 continue;
3407
3408 if (!target_name_printed) {
3409 len = sprintf(buf, "TargetName=%s",
3410 tiqn->tiqn);
3411 len += 1;
3412
3413 if ((len + payload_len) > buffer_len) {
3414 spin_unlock(&tpg->tpg_np_lock);
3415 spin_unlock(&tiqn->tiqn_tpg_lock);
3416 end_of_buf = 1;
3417 goto eob;
3418 }
3419
3420 if (skip_bytes && len <= skip_bytes) {
3421 skip_bytes -= len;
3422 } else {
3423 memcpy(payload + payload_len, buf, len);
3424 payload_len += len;
3425 target_name_printed = 1;
3426 if (len > skip_bytes)
3427 skip_bytes = 0;
3428 }
3429 }
3430
3431 if (inaddr_any)
3432 sockaddr = &conn->local_sockaddr;
3433 else
3434 sockaddr = &np->np_sockaddr;
3435
3436 len = sprintf(buf, "TargetAddress="
3437 "%pISpc,%hu",
3438 sockaddr,
3439 tpg->tpgt);
3440 len += 1;
3441
3442 if ((len + payload_len) > buffer_len) {
3443 spin_unlock(&tpg->tpg_np_lock);
3444 spin_unlock(&tiqn->tiqn_tpg_lock);
3445 end_of_buf = 1;
3446 goto eob;
3447 }
3448
3449 if (skip_bytes && len <= skip_bytes) {
3450 skip_bytes -= len;
3451 } else {
3452 memcpy(payload + payload_len, buf, len);
3453 payload_len += len;
3454 if (len > skip_bytes)
3455 skip_bytes = 0;
3456 }
3457 }
3458 spin_unlock(&tpg->tpg_np_lock);
3459 }
3460 spin_unlock(&tiqn->tiqn_tpg_lock);
3461eob:
3462 if (end_of_buf) {
3463 *completed = false;
3464 break;
3465 }
3466
3467 if (cmd->cmd_flags & ICF_SENDTARGETS_SINGLE)
3468 break;
3469 }
3470 spin_unlock(&tiqn_lock);
3471
3472 cmd->buf_ptr = payload;
3473
3474 return payload_len;
3475}
3476
3477int
3478iscsit_build_text_rsp(struct iscsi_cmd *cmd, struct iscsi_conn *conn,
3479 struct iscsi_text_rsp *hdr,
3480 enum iscsit_transport_type network_transport)
3481{
3482 int text_length, padding;
3483 bool completed = true;
3484
3485 text_length = iscsit_build_sendtargets_response(cmd, network_transport,
3486 cmd->read_data_done,
3487 &completed);
3488 if (text_length < 0)
3489 return text_length;
3490
3491 if (completed) {
3492 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
3493 } else {
3494 hdr->flags |= ISCSI_FLAG_TEXT_CONTINUE;
3495 cmd->read_data_done += text_length;
3496 if (cmd->targ_xfer_tag == 0xFFFFFFFF)
3497 cmd->targ_xfer_tag = session_get_next_ttt(conn->sess);
3498 }
3499 hdr->opcode = ISCSI_OP_TEXT_RSP;
3500 padding = ((-text_length) & 3);
3501 hton24(hdr->dlength, text_length);
3502 hdr->itt = cmd->init_task_tag;
3503 hdr->ttt = cpu_to_be32(cmd->targ_xfer_tag);
3504 cmd->stat_sn = conn->stat_sn++;
3505 hdr->statsn = cpu_to_be32(cmd->stat_sn);
3506
3507 iscsit_increment_maxcmdsn(cmd, conn->sess);
3508
3509
3510
3511
3512
3513 cmd->maxcmdsn_inc = 0;
3514 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3515 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
3516
3517 pr_debug("Built Text Response: ITT: 0x%08x, TTT: 0x%08x, StatSN: 0x%08x,"
3518 " Length: %u, CID: %hu F: %d C: %d\n", cmd->init_task_tag,
3519 cmd->targ_xfer_tag, cmd->stat_sn, text_length, conn->cid,
3520 !!(hdr->flags & ISCSI_FLAG_CMD_FINAL),
3521 !!(hdr->flags & ISCSI_FLAG_TEXT_CONTINUE));
3522
3523 return text_length + padding;
3524}
3525EXPORT_SYMBOL(iscsit_build_text_rsp);
3526
3527static int iscsit_send_text_rsp(
3528 struct iscsi_cmd *cmd,
3529 struct iscsi_conn *conn)
3530{
3531 struct iscsi_text_rsp *hdr = (struct iscsi_text_rsp *)cmd->pdu;
3532 int text_length;
3533
3534 text_length = iscsit_build_text_rsp(cmd, conn, hdr,
3535 conn->conn_transport->transport_type);
3536 if (text_length < 0)
3537 return text_length;
3538
3539 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL,
3540 cmd->buf_ptr,
3541 text_length);
3542}
3543
3544void
3545iscsit_build_reject(struct iscsi_cmd *cmd, struct iscsi_conn *conn,
3546 struct iscsi_reject *hdr)
3547{
3548 hdr->opcode = ISCSI_OP_REJECT;
3549 hdr->reason = cmd->reject_reason;
3550 hdr->flags |= ISCSI_FLAG_CMD_FINAL;
3551 hton24(hdr->dlength, ISCSI_HDR_LEN);
3552 hdr->ffffffff = cpu_to_be32(0xffffffff);
3553 cmd->stat_sn = conn->stat_sn++;
3554 hdr->statsn = cpu_to_be32(cmd->stat_sn);
3555 hdr->exp_cmdsn = cpu_to_be32(conn->sess->exp_cmd_sn);
3556 hdr->max_cmdsn = cpu_to_be32((u32) atomic_read(&conn->sess->max_cmd_sn));
3557
3558}
3559EXPORT_SYMBOL(iscsit_build_reject);
3560
3561static int iscsit_send_reject(
3562 struct iscsi_cmd *cmd,
3563 struct iscsi_conn *conn)
3564{
3565 struct iscsi_reject *hdr = (struct iscsi_reject *)&cmd->pdu[0];
3566
3567 iscsit_build_reject(cmd, conn, hdr);
3568
3569 pr_debug("Built Reject PDU StatSN: 0x%08x, Reason: 0x%02x,"
3570 " CID: %hu\n", ntohl(hdr->statsn), hdr->reason, conn->cid);
3571
3572 return conn->conn_transport->iscsit_xmit_pdu(conn, cmd, NULL,
3573 cmd->buf_ptr,
3574 ISCSI_HDR_LEN);
3575}
3576
3577void iscsit_thread_get_cpumask(struct iscsi_conn *conn)
3578{
3579 int ord, cpu;
3580
3581
3582
3583
3584
3585
3586
3587
3588 ord = conn->bitmap_id % cpumask_weight(cpu_online_mask);
3589 for_each_online_cpu(cpu) {
3590 if (ord-- == 0) {
3591 cpumask_set_cpu(cpu, conn->conn_cpumask);
3592 return;
3593 }
3594 }
3595
3596
3597
3598 dump_stack();
3599 cpumask_setall(conn->conn_cpumask);
3600}
3601
3602int
3603iscsit_immediate_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state)
3604{
3605 int ret;
3606
3607 switch (state) {
3608 case ISTATE_SEND_R2T:
3609 ret = iscsit_send_r2t(cmd, conn);
3610 if (ret < 0)
3611 goto err;
3612 break;
3613 case ISTATE_REMOVE:
3614 spin_lock_bh(&conn->cmd_lock);
3615 list_del_init(&cmd->i_conn_node);
3616 spin_unlock_bh(&conn->cmd_lock);
3617
3618 iscsit_free_cmd(cmd, false);
3619 break;
3620 case ISTATE_SEND_NOPIN_WANT_RESPONSE:
3621 iscsit_mod_nopin_response_timer(conn);
3622 ret = iscsit_send_unsolicited_nopin(cmd, conn, 1);
3623 if (ret < 0)
3624 goto err;
3625 break;
3626 case ISTATE_SEND_NOPIN_NO_RESPONSE:
3627 ret = iscsit_send_unsolicited_nopin(cmd, conn, 0);
3628 if (ret < 0)
3629 goto err;
3630 break;
3631 default:
3632 pr_err("Unknown Opcode: 0x%02x ITT:"
3633 " 0x%08x, i_state: %d on CID: %hu\n",
3634 cmd->iscsi_opcode, cmd->init_task_tag, state,
3635 conn->cid);
3636 goto err;
3637 }
3638
3639 return 0;
3640
3641err:
3642 return -1;
3643}
3644EXPORT_SYMBOL(iscsit_immediate_queue);
3645
3646static int
3647iscsit_handle_immediate_queue(struct iscsi_conn *conn)
3648{
3649 struct iscsit_transport *t = conn->conn_transport;
3650 struct iscsi_queue_req *qr;
3651 struct iscsi_cmd *cmd;
3652 u8 state;
3653 int ret;
3654
3655 while ((qr = iscsit_get_cmd_from_immediate_queue(conn))) {
3656 atomic_set(&conn->check_immediate_queue, 0);
3657 cmd = qr->cmd;
3658 state = qr->state;
3659 kmem_cache_free(lio_qr_cache, qr);
3660
3661 ret = t->iscsit_immediate_queue(conn, cmd, state);
3662 if (ret < 0)
3663 return ret;
3664 }
3665
3666 return 0;
3667}
3668
3669int
3670iscsit_response_queue(struct iscsi_conn *conn, struct iscsi_cmd *cmd, int state)
3671{
3672 int ret;
3673
3674check_rsp_state:
3675 switch (state) {
3676 case ISTATE_SEND_DATAIN:
3677 ret = iscsit_send_datain(cmd, conn);
3678 if (ret < 0)
3679 goto err;
3680 else if (!ret)
3681
3682 goto check_rsp_state;
3683 else if (ret == 1) {
3684
3685 spin_lock_bh(&cmd->istate_lock);
3686 cmd->i_state = ISTATE_SENT_STATUS;
3687 spin_unlock_bh(&cmd->istate_lock);
3688
3689 if (atomic_read(&conn->check_immediate_queue))
3690 return 1;
3691
3692 return 0;
3693 } else if (ret == 2) {
3694
3695
3696 spin_lock_bh(&cmd->istate_lock);
3697 cmd->i_state = ISTATE_SEND_STATUS;
3698 spin_unlock_bh(&cmd->istate_lock);
3699 state = ISTATE_SEND_STATUS;
3700 goto check_rsp_state;
3701 }
3702
3703 break;
3704 case ISTATE_SEND_STATUS:
3705 case ISTATE_SEND_STATUS_RECOVERY:
3706 ret = iscsit_send_response(cmd, conn);
3707 break;
3708 case ISTATE_SEND_LOGOUTRSP:
3709 ret = iscsit_send_logout(cmd, conn);
3710 break;
3711 case ISTATE_SEND_ASYNCMSG:
3712 ret = iscsit_send_conn_drop_async_message(
3713 cmd, conn);
3714 break;
3715 case ISTATE_SEND_NOPIN:
3716 ret = iscsit_send_nopin(cmd, conn);
3717 break;
3718 case ISTATE_SEND_REJECT:
3719 ret = iscsit_send_reject(cmd, conn);
3720 break;
3721 case ISTATE_SEND_TASKMGTRSP:
3722 ret = iscsit_send_task_mgt_rsp(cmd, conn);
3723 if (ret != 0)
3724 break;
3725 ret = iscsit_tmr_post_handler(cmd, conn);
3726 if (ret != 0)
3727 iscsit_fall_back_to_erl0(conn->sess);
3728 break;
3729 case ISTATE_SEND_TEXTRSP:
3730 ret = iscsit_send_text_rsp(cmd, conn);
3731 break;
3732 default:
3733 pr_err("Unknown Opcode: 0x%02x ITT:"
3734 " 0x%08x, i_state: %d on CID: %hu\n",
3735 cmd->iscsi_opcode, cmd->init_task_tag,
3736 state, conn->cid);
3737 goto err;
3738 }
3739 if (ret < 0)
3740 goto err;
3741
3742 switch (state) {
3743 case ISTATE_SEND_LOGOUTRSP:
3744 if (!iscsit_logout_post_handler(cmd, conn))
3745 return -ECONNRESET;
3746
3747 case ISTATE_SEND_STATUS:
3748 case ISTATE_SEND_ASYNCMSG:
3749 case ISTATE_SEND_NOPIN:
3750 case ISTATE_SEND_STATUS_RECOVERY:
3751 case ISTATE_SEND_TEXTRSP:
3752 case ISTATE_SEND_TASKMGTRSP:
3753 case ISTATE_SEND_REJECT:
3754 spin_lock_bh(&cmd->istate_lock);
3755 cmd->i_state = ISTATE_SENT_STATUS;
3756 spin_unlock_bh(&cmd->istate_lock);
3757 break;
3758 default:
3759 pr_err("Unknown Opcode: 0x%02x ITT:"
3760 " 0x%08x, i_state: %d on CID: %hu\n",
3761 cmd->iscsi_opcode, cmd->init_task_tag,
3762 cmd->i_state, conn->cid);
3763 goto err;
3764 }
3765
3766 if (atomic_read(&conn->check_immediate_queue))
3767 return 1;
3768
3769 return 0;
3770
3771err:
3772 return -1;
3773}
3774EXPORT_SYMBOL(iscsit_response_queue);
3775
3776static int iscsit_handle_response_queue(struct iscsi_conn *conn)
3777{
3778 struct iscsit_transport *t = conn->conn_transport;
3779 struct iscsi_queue_req *qr;
3780 struct iscsi_cmd *cmd;
3781 u8 state;
3782 int ret;
3783
3784 while ((qr = iscsit_get_cmd_from_response_queue(conn))) {
3785 cmd = qr->cmd;
3786 state = qr->state;
3787 kmem_cache_free(lio_qr_cache, qr);
3788
3789 ret = t->iscsit_response_queue(conn, cmd, state);
3790 if (ret == 1 || ret < 0)
3791 return ret;
3792 }
3793
3794 return 0;
3795}
3796
3797int iscsi_target_tx_thread(void *arg)
3798{
3799 int ret = 0;
3800 struct iscsi_conn *conn = arg;
3801
3802
3803
3804
3805 allow_signal(SIGINT);
3806
3807 while (!kthread_should_stop()) {
3808
3809
3810
3811
3812 iscsit_thread_check_cpumask(conn, current, 1);
3813
3814 wait_event_interruptible(conn->queues_wq,
3815 !iscsit_conn_all_queues_empty(conn));
3816
3817 if (signal_pending(current))
3818 goto transport_err;
3819
3820get_immediate:
3821 ret = iscsit_handle_immediate_queue(conn);
3822 if (ret < 0)
3823 goto transport_err;
3824
3825 ret = iscsit_handle_response_queue(conn);
3826 if (ret == 1)
3827 goto get_immediate;
3828 else if (ret == -ECONNRESET)
3829 goto out;
3830 else if (ret < 0)
3831 goto transport_err;
3832 }
3833
3834transport_err:
3835
3836
3837
3838
3839
3840 if (conn->conn_state != TARG_CONN_STATE_IN_LOGIN)
3841 iscsit_take_action_for_connection_exit(conn);
3842out:
3843 return 0;
3844}
3845
3846static int iscsi_target_rx_opcode(struct iscsi_conn *conn, unsigned char *buf)
3847{
3848 struct iscsi_hdr *hdr = (struct iscsi_hdr *)buf;
3849 struct iscsi_cmd *cmd;
3850 int ret = 0;
3851
3852 switch (hdr->opcode & ISCSI_OPCODE_MASK) {
3853 case ISCSI_OP_SCSI_CMD:
3854 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE);
3855 if (!cmd)
3856 goto reject;
3857
3858 ret = iscsit_handle_scsi_cmd(conn, cmd, buf);
3859 break;
3860 case ISCSI_OP_SCSI_DATA_OUT:
3861 ret = iscsit_handle_data_out(conn, buf);
3862 break;
3863 case ISCSI_OP_NOOP_OUT:
3864 cmd = NULL;
3865 if (hdr->ttt == cpu_to_be32(0xFFFFFFFF)) {
3866 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE);
3867 if (!cmd)
3868 goto reject;
3869 }
3870 ret = iscsit_handle_nop_out(conn, cmd, buf);
3871 break;
3872 case ISCSI_OP_SCSI_TMFUNC:
3873 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE);
3874 if (!cmd)
3875 goto reject;
3876
3877 ret = iscsit_handle_task_mgt_cmd(conn, cmd, buf);
3878 break;
3879 case ISCSI_OP_TEXT:
3880 if (hdr->ttt != cpu_to_be32(0xFFFFFFFF)) {
3881 cmd = iscsit_find_cmd_from_itt(conn, hdr->itt);
3882 if (!cmd)
3883 goto reject;
3884 } else {
3885 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE);
3886 if (!cmd)
3887 goto reject;
3888 }
3889
3890 ret = iscsit_handle_text_cmd(conn, cmd, buf);
3891 break;
3892 case ISCSI_OP_LOGOUT:
3893 cmd = iscsit_allocate_cmd(conn, TASK_INTERRUPTIBLE);
3894 if (!cmd)
3895 goto reject;
3896
3897 ret = iscsit_handle_logout_cmd(conn, cmd, buf);
3898 if (ret > 0)
3899 wait_for_completion_timeout(&conn->conn_logout_comp,
3900 SECONDS_FOR_LOGOUT_COMP * HZ);
3901 break;
3902 case ISCSI_OP_SNACK:
3903 ret = iscsit_handle_snack(conn, buf);
3904 break;
3905 default:
3906 pr_err("Got unknown iSCSI OpCode: 0x%02x\n", hdr->opcode);
3907 if (!conn->sess->sess_ops->ErrorRecoveryLevel) {
3908 pr_err("Cannot recover from unknown"
3909 " opcode while ERL=0, closing iSCSI connection.\n");
3910 return -1;
3911 }
3912 pr_err("Unable to recover from unknown opcode while OFMarker=No,"
3913 " closing iSCSI connection.\n");
3914 ret = -1;
3915 break;
3916 }
3917
3918 return ret;
3919reject:
3920 return iscsit_add_reject(conn, ISCSI_REASON_BOOKMARK_NO_RESOURCES, buf);
3921}
3922
3923static bool iscsi_target_check_conn_state(struct iscsi_conn *conn)
3924{
3925 bool ret;
3926
3927 spin_lock_bh(&conn->state_lock);
3928 ret = (conn->conn_state != TARG_CONN_STATE_LOGGED_IN);
3929 spin_unlock_bh(&conn->state_lock);
3930
3931 return ret;
3932}
3933
3934static void iscsit_get_rx_pdu(struct iscsi_conn *conn)
3935{
3936 int ret;
3937 u8 buffer[ISCSI_HDR_LEN], opcode;
3938 u32 checksum = 0, digest = 0;
3939 struct kvec iov;
3940
3941 while (!kthread_should_stop()) {
3942
3943
3944
3945
3946 iscsit_thread_check_cpumask(conn, current, 0);
3947
3948 memset(buffer, 0, ISCSI_HDR_LEN);
3949 memset(&iov, 0, sizeof(struct kvec));
3950
3951 iov.iov_base = buffer;
3952 iov.iov_len = ISCSI_HDR_LEN;
3953
3954 ret = rx_data(conn, &iov, 1, ISCSI_HDR_LEN);
3955 if (ret != ISCSI_HDR_LEN) {
3956 iscsit_rx_thread_wait_for_tcp(conn);
3957 return;
3958 }
3959
3960 if (conn->conn_ops->HeaderDigest) {
3961 iov.iov_base = &digest;
3962 iov.iov_len = ISCSI_CRC_LEN;
3963
3964 ret = rx_data(conn, &iov, 1, ISCSI_CRC_LEN);
3965 if (ret != ISCSI_CRC_LEN) {
3966 iscsit_rx_thread_wait_for_tcp(conn);
3967 return;
3968 }
3969
3970 iscsit_do_crypto_hash_buf(conn->conn_rx_hash,
3971 buffer, ISCSI_HDR_LEN,
3972 0, NULL, (u8 *)&checksum);
3973
3974 if (digest != checksum) {
3975 pr_err("HeaderDigest CRC32C failed,"
3976 " received 0x%08x, computed 0x%08x\n",
3977 digest, checksum);
3978
3979
3980
3981
3982 memset(buffer, 0xff, ISCSI_HDR_LEN);
3983 atomic_long_inc(&conn->sess->conn_digest_errors);
3984 } else {
3985 pr_debug("Got HeaderDigest CRC32C"
3986 " 0x%08x\n", checksum);
3987 }
3988 }
3989
3990 if (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT)
3991 return;
3992
3993 opcode = buffer[0] & ISCSI_OPCODE_MASK;
3994
3995 if (conn->sess->sess_ops->SessionType &&
3996 ((!(opcode & ISCSI_OP_TEXT)) ||
3997 (!(opcode & ISCSI_OP_LOGOUT)))) {
3998 pr_err("Received illegal iSCSI Opcode: 0x%02x"
3999 " while in Discovery Session, rejecting.\n", opcode);
4000 iscsit_add_reject(conn, ISCSI_REASON_PROTOCOL_ERROR,
4001 buffer);
4002 return;
4003 }
4004
4005 ret = iscsi_target_rx_opcode(conn, buffer);
4006 if (ret < 0)
4007 return;
4008 }
4009}
4010
4011int iscsi_target_rx_thread(void *arg)
4012{
4013 int rc;
4014 struct iscsi_conn *conn = arg;
4015
4016
4017
4018
4019
4020 allow_signal(SIGINT);
4021
4022
4023
4024
4025 rc = wait_for_completion_interruptible(&conn->rx_login_comp);
4026 if (rc < 0 || iscsi_target_check_conn_state(conn))
4027 return 0;
4028
4029 if (!conn->conn_transport->iscsit_get_rx_pdu)
4030 return 0;
4031
4032 conn->conn_transport->iscsit_get_rx_pdu(conn);
4033
4034 if (!signal_pending(current))
4035 atomic_set(&conn->transport_failed, 1);
4036 iscsit_take_action_for_connection_exit(conn);
4037 return 0;
4038}
4039
4040static void iscsit_release_commands_from_conn(struct iscsi_conn *conn)
4041{
4042 LIST_HEAD(tmp_list);
4043 struct iscsi_cmd *cmd = NULL, *cmd_tmp = NULL;
4044 struct iscsi_session *sess = conn->sess;
4045
4046
4047
4048
4049
4050 spin_lock_bh(&conn->cmd_lock);
4051 list_splice_init(&conn->conn_cmd_list, &tmp_list);
4052
4053 list_for_each_entry(cmd, &tmp_list, i_conn_node) {
4054 struct se_cmd *se_cmd = &cmd->se_cmd;
4055
4056 if (se_cmd->se_tfo != NULL) {
4057 spin_lock(&se_cmd->t_state_lock);
4058 se_cmd->transport_state |= CMD_T_FABRIC_STOP;
4059 spin_unlock(&se_cmd->t_state_lock);
4060 }
4061 }
4062 spin_unlock_bh(&conn->cmd_lock);
4063
4064 list_for_each_entry_safe(cmd, cmd_tmp, &tmp_list, i_conn_node) {
4065 list_del_init(&cmd->i_conn_node);
4066
4067 iscsit_increment_maxcmdsn(cmd, sess);
4068 iscsit_free_cmd(cmd, true);
4069
4070 }
4071}
4072
4073static void iscsit_stop_timers_for_cmds(
4074 struct iscsi_conn *conn)
4075{
4076 struct iscsi_cmd *cmd;
4077
4078 spin_lock_bh(&conn->cmd_lock);
4079 list_for_each_entry(cmd, &conn->conn_cmd_list, i_conn_node) {
4080 if (cmd->data_direction == DMA_TO_DEVICE)
4081 iscsit_stop_dataout_timer(cmd);
4082 }
4083 spin_unlock_bh(&conn->cmd_lock);
4084}
4085
4086int iscsit_close_connection(
4087 struct iscsi_conn *conn)
4088{
4089 int conn_logout = (conn->conn_state == TARG_CONN_STATE_IN_LOGOUT);
4090 struct iscsi_session *sess = conn->sess;
4091
4092 pr_debug("Closing iSCSI connection CID %hu on SID:"
4093 " %u\n", conn->cid, sess->sid);
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105 if (!conn->conn_transport->rdma_shutdown)
4106 complete(&conn->conn_logout_comp);
4107
4108 if (!strcmp(current->comm, ISCSI_RX_THREAD_NAME)) {
4109 if (conn->tx_thread &&
4110 cmpxchg(&conn->tx_thread_active, true, false)) {
4111 send_sig(SIGINT, conn->tx_thread, 1);
4112 kthread_stop(conn->tx_thread);
4113 }
4114 } else if (!strcmp(current->comm, ISCSI_TX_THREAD_NAME)) {
4115 if (conn->rx_thread &&
4116 cmpxchg(&conn->rx_thread_active, true, false)) {
4117 send_sig(SIGINT, conn->rx_thread, 1);
4118 kthread_stop(conn->rx_thread);
4119 }
4120 }
4121
4122 spin_lock(&iscsit_global->ts_bitmap_lock);
4123 bitmap_release_region(iscsit_global->ts_bitmap, conn->bitmap_id,
4124 get_order(1));
4125 spin_unlock(&iscsit_global->ts_bitmap_lock);
4126
4127 iscsit_stop_timers_for_cmds(conn);
4128 iscsit_stop_nopin_response_timer(conn);
4129 iscsit_stop_nopin_timer(conn);
4130
4131 if (conn->conn_transport->iscsit_wait_conn)
4132 conn->conn_transport->iscsit_wait_conn(conn);
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143 if (atomic_read(&conn->connection_recovery)) {
4144 iscsit_discard_unacknowledged_ooo_cmdsns_for_conn(conn);
4145 iscsit_prepare_cmds_for_realligance(conn);
4146 } else {
4147 iscsit_clear_ooo_cmdsns_for_conn(conn);
4148 iscsit_release_commands_from_conn(conn);
4149 }
4150 iscsit_free_queue_reqs_for_conn(conn);
4151
4152
4153
4154
4155
4156
4157 if (atomic_read(&conn->conn_logout_remove)) {
4158 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_SESSION) {
4159 iscsit_dec_conn_usage_count(conn);
4160 iscsit_dec_session_usage_count(sess);
4161 }
4162 if (conn->conn_logout_reason == ISCSI_LOGOUT_REASON_CLOSE_CONNECTION)
4163 iscsit_dec_conn_usage_count(conn);
4164
4165 atomic_set(&conn->conn_logout_remove, 0);
4166 atomic_set(&sess->session_reinstatement, 0);
4167 atomic_set(&sess->session_fall_back_to_erl0, 1);
4168 }
4169
4170 spin_lock_bh(&sess->conn_lock);
4171 list_del(&conn->conn_list);
4172
4173
4174
4175
4176
4177
4178 if (atomic_read(&conn->connection_recovery))
4179 iscsit_build_conn_drop_async_message(conn);
4180
4181 spin_unlock_bh(&sess->conn_lock);
4182
4183
4184
4185
4186
4187
4188 spin_lock_bh(&conn->state_lock);
4189 if (atomic_read(&conn->sleep_on_conn_wait_comp)) {
4190 spin_unlock_bh(&conn->state_lock);
4191 complete(&conn->conn_wait_comp);
4192 wait_for_completion(&conn->conn_post_wait_comp);
4193 spin_lock_bh(&conn->state_lock);
4194 }
4195
4196
4197
4198
4199
4200
4201
4202 if (atomic_read(&conn->connection_wait_rcfr)) {
4203 spin_unlock_bh(&conn->state_lock);
4204 complete(&conn->conn_wait_rcfr_comp);
4205 wait_for_completion(&conn->conn_post_wait_comp);
4206 spin_lock_bh(&conn->state_lock);
4207 }
4208 atomic_set(&conn->connection_reinstatement, 1);
4209 spin_unlock_bh(&conn->state_lock);
4210
4211
4212
4213
4214
4215 iscsit_check_conn_usage_count(conn);
4216
4217 ahash_request_free(conn->conn_tx_hash);
4218 if (conn->conn_rx_hash) {
4219 struct crypto_ahash *tfm;
4220
4221 tfm = crypto_ahash_reqtfm(conn->conn_rx_hash);
4222 ahash_request_free(conn->conn_rx_hash);
4223 crypto_free_ahash(tfm);
4224 }
4225
4226 free_cpumask_var(conn->conn_cpumask);
4227
4228 kfree(conn->conn_ops);
4229 conn->conn_ops = NULL;
4230
4231 if (conn->sock)
4232 sock_release(conn->sock);
4233
4234 if (conn->conn_transport->iscsit_free_conn)
4235 conn->conn_transport->iscsit_free_conn(conn);
4236
4237 iscsit_put_transport(conn->conn_transport);
4238
4239 pr_debug("Moving to TARG_CONN_STATE_FREE.\n");
4240 conn->conn_state = TARG_CONN_STATE_FREE;
4241 kfree(conn);
4242
4243 spin_lock_bh(&sess->conn_lock);
4244 atomic_dec(&sess->nconn);
4245 pr_debug("Decremented iSCSI connection count to %hu from node:"
4246 " %s\n", atomic_read(&sess->nconn),
4247 sess->sess_ops->InitiatorName);
4248
4249
4250
4251
4252 if ((sess->sess_ops->ErrorRecoveryLevel != 2) && !conn_logout &&
4253 !atomic_read(&sess->session_logout))
4254 atomic_set(&sess->session_fall_back_to_erl0, 1);
4255
4256
4257
4258
4259
4260
4261
4262 if (atomic_read(&sess->nconn)) {
4263 if (!atomic_read(&sess->session_reinstatement) &&
4264 !atomic_read(&sess->session_fall_back_to_erl0)) {
4265 spin_unlock_bh(&sess->conn_lock);
4266 return 0;
4267 }
4268 if (!atomic_read(&sess->session_stop_active)) {
4269 atomic_set(&sess->session_stop_active, 1);
4270 spin_unlock_bh(&sess->conn_lock);
4271 iscsit_stop_session(sess, 0, 0);
4272 return 0;
4273 }
4274 spin_unlock_bh(&sess->conn_lock);
4275 return 0;
4276 }
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291 if (!atomic_read(&sess->session_reinstatement) &&
4292 atomic_read(&sess->session_fall_back_to_erl0)) {
4293 spin_unlock_bh(&sess->conn_lock);
4294 iscsit_close_session(sess);
4295
4296 return 0;
4297 } else if (atomic_read(&sess->session_logout)) {
4298 pr_debug("Moving to TARG_SESS_STATE_FREE.\n");
4299 sess->session_state = TARG_SESS_STATE_FREE;
4300 spin_unlock_bh(&sess->conn_lock);
4301
4302 if (atomic_read(&sess->sleep_on_sess_wait_comp))
4303 complete(&sess->session_wait_comp);
4304
4305 return 0;
4306 } else {
4307 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n");
4308 sess->session_state = TARG_SESS_STATE_FAILED;
4309
4310 if (!atomic_read(&sess->session_continuation)) {
4311 spin_unlock_bh(&sess->conn_lock);
4312 iscsit_start_time2retain_handler(sess);
4313 } else
4314 spin_unlock_bh(&sess->conn_lock);
4315
4316 if (atomic_read(&sess->sleep_on_sess_wait_comp))
4317 complete(&sess->session_wait_comp);
4318
4319 return 0;
4320 }
4321}
4322
4323
4324
4325
4326
4327int iscsit_close_session(struct iscsi_session *sess)
4328{
4329 struct iscsi_portal_group *tpg = sess->tpg;
4330 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg;
4331
4332 if (atomic_read(&sess->nconn)) {
4333 pr_err("%d connection(s) still exist for iSCSI session"
4334 " to %s\n", atomic_read(&sess->nconn),
4335 sess->sess_ops->InitiatorName);
4336 BUG();
4337 }
4338
4339 spin_lock_bh(&se_tpg->session_lock);
4340 atomic_set(&sess->session_logout, 1);
4341 atomic_set(&sess->session_reinstatement, 1);
4342 iscsit_stop_time2retain_timer(sess);
4343 spin_unlock_bh(&se_tpg->session_lock);
4344
4345
4346
4347
4348
4349
4350
4351
4352 transport_deregister_session_configfs(sess->se_sess);
4353
4354
4355
4356
4357
4358
4359
4360 if (!in_interrupt()) {
4361 if (iscsit_check_session_usage_count(sess) == 1)
4362 iscsit_stop_session(sess, 1, 1);
4363 } else {
4364 if (iscsit_check_session_usage_count(sess) == 2) {
4365 atomic_set(&sess->session_logout, 0);
4366 iscsit_start_time2retain_handler(sess);
4367 return 0;
4368 }
4369 }
4370
4371 transport_deregister_session(sess->se_sess);
4372
4373 if (sess->sess_ops->ErrorRecoveryLevel == 2)
4374 iscsit_free_connection_recovery_entires(sess);
4375
4376 iscsit_free_all_ooo_cmdsns(sess);
4377
4378 spin_lock_bh(&se_tpg->session_lock);
4379 pr_debug("Moving to TARG_SESS_STATE_FREE.\n");
4380 sess->session_state = TARG_SESS_STATE_FREE;
4381 pr_debug("Released iSCSI session from node: %s\n",
4382 sess->sess_ops->InitiatorName);
4383 tpg->nsessions--;
4384 if (tpg->tpg_tiqn)
4385 tpg->tpg_tiqn->tiqn_nsessions--;
4386
4387 pr_debug("Decremented number of active iSCSI Sessions on"
4388 " iSCSI TPG: %hu to %u\n", tpg->tpgt, tpg->nsessions);
4389
4390 spin_lock(&sess_idr_lock);
4391 idr_remove(&sess_idr, sess->session_index);
4392 spin_unlock(&sess_idr_lock);
4393
4394 kfree(sess->sess_ops);
4395 sess->sess_ops = NULL;
4396 spin_unlock_bh(&se_tpg->session_lock);
4397
4398 kfree(sess);
4399 return 0;
4400}
4401
4402static void iscsit_logout_post_handler_closesession(
4403 struct iscsi_conn *conn)
4404{
4405 struct iscsi_session *sess = conn->sess;
4406 int sleep = 1;
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416 if (!conn->conn_transport->rdma_shutdown)
4417 sleep = cmpxchg(&conn->tx_thread_active, true, false);
4418
4419 atomic_set(&conn->conn_logout_remove, 0);
4420 complete(&conn->conn_logout_comp);
4421
4422 iscsit_dec_conn_usage_count(conn);
4423 iscsit_stop_session(sess, sleep, sleep);
4424 iscsit_dec_session_usage_count(sess);
4425 iscsit_close_session(sess);
4426}
4427
4428static void iscsit_logout_post_handler_samecid(
4429 struct iscsi_conn *conn)
4430{
4431 int sleep = 1;
4432
4433 if (!conn->conn_transport->rdma_shutdown)
4434 sleep = cmpxchg(&conn->tx_thread_active, true, false);
4435
4436 atomic_set(&conn->conn_logout_remove, 0);
4437 complete(&conn->conn_logout_comp);
4438
4439 iscsit_cause_connection_reinstatement(conn, sleep);
4440 iscsit_dec_conn_usage_count(conn);
4441}
4442
4443static void iscsit_logout_post_handler_diffcid(
4444 struct iscsi_conn *conn,
4445 u16 cid)
4446{
4447 struct iscsi_conn *l_conn;
4448 struct iscsi_session *sess = conn->sess;
4449 bool conn_found = false;
4450
4451 if (!sess)
4452 return;
4453
4454 spin_lock_bh(&sess->conn_lock);
4455 list_for_each_entry(l_conn, &sess->sess_conn_list, conn_list) {
4456 if (l_conn->cid == cid) {
4457 iscsit_inc_conn_usage_count(l_conn);
4458 conn_found = true;
4459 break;
4460 }
4461 }
4462 spin_unlock_bh(&sess->conn_lock);
4463
4464 if (!conn_found)
4465 return;
4466
4467 if (l_conn->sock)
4468 l_conn->sock->ops->shutdown(l_conn->sock, RCV_SHUTDOWN);
4469
4470 spin_lock_bh(&l_conn->state_lock);
4471 pr_debug("Moving to TARG_CONN_STATE_IN_LOGOUT.\n");
4472 l_conn->conn_state = TARG_CONN_STATE_IN_LOGOUT;
4473 spin_unlock_bh(&l_conn->state_lock);
4474
4475 iscsit_cause_connection_reinstatement(l_conn, 1);
4476 iscsit_dec_conn_usage_count(l_conn);
4477}
4478
4479
4480
4481
4482int iscsit_logout_post_handler(
4483 struct iscsi_cmd *cmd,
4484 struct iscsi_conn *conn)
4485{
4486 int ret = 0;
4487
4488 switch (cmd->logout_reason) {
4489 case ISCSI_LOGOUT_REASON_CLOSE_SESSION:
4490 switch (cmd->logout_response) {
4491 case ISCSI_LOGOUT_SUCCESS:
4492 case ISCSI_LOGOUT_CLEANUP_FAILED:
4493 default:
4494 iscsit_logout_post_handler_closesession(conn);
4495 break;
4496 }
4497 ret = 0;
4498 break;
4499 case ISCSI_LOGOUT_REASON_CLOSE_CONNECTION:
4500 if (conn->cid == cmd->logout_cid) {
4501 switch (cmd->logout_response) {
4502 case ISCSI_LOGOUT_SUCCESS:
4503 case ISCSI_LOGOUT_CLEANUP_FAILED:
4504 default:
4505 iscsit_logout_post_handler_samecid(conn);
4506 break;
4507 }
4508 ret = 0;
4509 } else {
4510 switch (cmd->logout_response) {
4511 case ISCSI_LOGOUT_SUCCESS:
4512 iscsit_logout_post_handler_diffcid(conn,
4513 cmd->logout_cid);
4514 break;
4515 case ISCSI_LOGOUT_CID_NOT_FOUND:
4516 case ISCSI_LOGOUT_CLEANUP_FAILED:
4517 default:
4518 break;
4519 }
4520 ret = 1;
4521 }
4522 break;
4523 case ISCSI_LOGOUT_REASON_RECOVERY:
4524 switch (cmd->logout_response) {
4525 case ISCSI_LOGOUT_SUCCESS:
4526 case ISCSI_LOGOUT_CID_NOT_FOUND:
4527 case ISCSI_LOGOUT_RECOVERY_UNSUPPORTED:
4528 case ISCSI_LOGOUT_CLEANUP_FAILED:
4529 default:
4530 break;
4531 }
4532 ret = 1;
4533 break;
4534 default:
4535 break;
4536
4537 }
4538 return ret;
4539}
4540EXPORT_SYMBOL(iscsit_logout_post_handler);
4541
4542void iscsit_fail_session(struct iscsi_session *sess)
4543{
4544 struct iscsi_conn *conn;
4545
4546 spin_lock_bh(&sess->conn_lock);
4547 list_for_each_entry(conn, &sess->sess_conn_list, conn_list) {
4548 pr_debug("Moving to TARG_CONN_STATE_CLEANUP_WAIT.\n");
4549 conn->conn_state = TARG_CONN_STATE_CLEANUP_WAIT;
4550 }
4551 spin_unlock_bh(&sess->conn_lock);
4552
4553 pr_debug("Moving to TARG_SESS_STATE_FAILED.\n");
4554 sess->session_state = TARG_SESS_STATE_FAILED;
4555}
4556
4557int iscsit_free_session(struct iscsi_session *sess)
4558{
4559 u16 conn_count = atomic_read(&sess->nconn);
4560 struct iscsi_conn *conn, *conn_tmp = NULL;
4561 int is_last;
4562
4563 spin_lock_bh(&sess->conn_lock);
4564 atomic_set(&sess->sleep_on_sess_wait_comp, 1);
4565
4566 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list,
4567 conn_list) {
4568 if (conn_count == 0)
4569 break;
4570
4571 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) {
4572 is_last = 1;
4573 } else {
4574 iscsit_inc_conn_usage_count(conn_tmp);
4575 is_last = 0;
4576 }
4577 iscsit_inc_conn_usage_count(conn);
4578
4579 spin_unlock_bh(&sess->conn_lock);
4580 iscsit_cause_connection_reinstatement(conn, 1);
4581 spin_lock_bh(&sess->conn_lock);
4582
4583 iscsit_dec_conn_usage_count(conn);
4584 if (is_last == 0)
4585 iscsit_dec_conn_usage_count(conn_tmp);
4586
4587 conn_count--;
4588 }
4589
4590 if (atomic_read(&sess->nconn)) {
4591 spin_unlock_bh(&sess->conn_lock);
4592 wait_for_completion(&sess->session_wait_comp);
4593 } else
4594 spin_unlock_bh(&sess->conn_lock);
4595
4596 iscsit_close_session(sess);
4597 return 0;
4598}
4599
4600void iscsit_stop_session(
4601 struct iscsi_session *sess,
4602 int session_sleep,
4603 int connection_sleep)
4604{
4605 u16 conn_count = atomic_read(&sess->nconn);
4606 struct iscsi_conn *conn, *conn_tmp = NULL;
4607 int is_last;
4608
4609 spin_lock_bh(&sess->conn_lock);
4610 if (session_sleep)
4611 atomic_set(&sess->sleep_on_sess_wait_comp, 1);
4612
4613 if (connection_sleep) {
4614 list_for_each_entry_safe(conn, conn_tmp, &sess->sess_conn_list,
4615 conn_list) {
4616 if (conn_count == 0)
4617 break;
4618
4619 if (list_is_last(&conn->conn_list, &sess->sess_conn_list)) {
4620 is_last = 1;
4621 } else {
4622 iscsit_inc_conn_usage_count(conn_tmp);
4623 is_last = 0;
4624 }
4625 iscsit_inc_conn_usage_count(conn);
4626
4627 spin_unlock_bh(&sess->conn_lock);
4628 iscsit_cause_connection_reinstatement(conn, 1);
4629 spin_lock_bh(&sess->conn_lock);
4630
4631 iscsit_dec_conn_usage_count(conn);
4632 if (is_last == 0)
4633 iscsit_dec_conn_usage_count(conn_tmp);
4634 conn_count--;
4635 }
4636 } else {
4637 list_for_each_entry(conn, &sess->sess_conn_list, conn_list)
4638 iscsit_cause_connection_reinstatement(conn, 0);
4639 }
4640
4641 if (session_sleep && atomic_read(&sess->nconn)) {
4642 spin_unlock_bh(&sess->conn_lock);
4643 wait_for_completion(&sess->session_wait_comp);
4644 } else
4645 spin_unlock_bh(&sess->conn_lock);
4646}
4647
4648int iscsit_release_sessions_for_tpg(struct iscsi_portal_group *tpg, int force)
4649{
4650 struct iscsi_session *sess;
4651 struct se_portal_group *se_tpg = &tpg->tpg_se_tpg;
4652 struct se_session *se_sess, *se_sess_tmp;
4653 LIST_HEAD(free_list);
4654 int session_count = 0;
4655
4656 spin_lock_bh(&se_tpg->session_lock);
4657 if (tpg->nsessions && !force) {
4658 spin_unlock_bh(&se_tpg->session_lock);
4659 return -1;
4660 }
4661
4662 list_for_each_entry_safe(se_sess, se_sess_tmp, &se_tpg->tpg_sess_list,
4663 sess_list) {
4664 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr;
4665
4666 spin_lock(&sess->conn_lock);
4667 if (atomic_read(&sess->session_fall_back_to_erl0) ||
4668 atomic_read(&sess->session_logout) ||
4669 (sess->time2retain_timer_flags & ISCSI_TF_EXPIRED)) {
4670 spin_unlock(&sess->conn_lock);
4671 continue;
4672 }
4673 atomic_set(&sess->session_reinstatement, 1);
4674 spin_unlock(&sess->conn_lock);
4675
4676 list_move_tail(&se_sess->sess_list, &free_list);
4677 }
4678 spin_unlock_bh(&se_tpg->session_lock);
4679
4680 list_for_each_entry_safe(se_sess, se_sess_tmp, &free_list, sess_list) {
4681 sess = (struct iscsi_session *)se_sess->fabric_sess_ptr;
4682
4683 iscsit_free_session(sess);
4684 session_count++;
4685 }
4686
4687 pr_debug("Released %d iSCSI Session(s) from Target Portal"
4688 " Group: %hu\n", session_count, tpg->tpgt);
4689 return 0;
4690}
4691
4692MODULE_DESCRIPTION("iSCSI-Target Driver for mainline target infrastructure");
4693MODULE_VERSION("4.1.x");
4694MODULE_AUTHOR("nab@Linux-iSCSI.org");
4695MODULE_LICENSE("GPL");
4696
4697module_init(iscsi_target_init_module);
4698module_exit(iscsi_target_cleanup_module);
4699
